What is the severity of CVE-2014-0953?

CVE-2014-0953 has a high severity level due to its potential for remote exploitation through cross-site scripting.

How do I fix CVE-2014-0953?

To fix CVE-2014-0953, it is recommended to upgrade to the latest version of IBM WebSphere Portal that has addressed this vulnerability.

Which versions of IBM WebSphere Portal are affected by CVE-2014-0953?

CVE-2014-0953 affects IBM WebSphere Portal versions from 6.1.0.0 through 6.1.0.6, 6.1.5.0 through 6.1.5.3, 7.0.0 through 7.0.0.2, and all versions before 8.0.0.1.

What type of attack is possible with CVE-2014-0953?

CVE-2014-0953 allows an attacker to perform cross-site scripting (XSS) attacks by injecting arbitrary web scripts or HTML.

Is CVE-2014-0953 a critical vulnerability?

While CVE-2014-0953 is classified as high severity, its criticality depends on the specific context of its deployment and potential impact.

Vulnerability/
CVE-2014-0953

medium

4.3

CWE

12/8/2014

6/8/2024

CVE-2014-0953: XSS

First published: Tue Aug 12 2014(Updated: )

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.0 through 6.1.0.6 CF27, 6.1.5.0 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, and 8.0.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Portal	=6.1.0.0
IBM WebSphere Portal	=6.1.0.1
IBM WebSphere Portal	=6.1.0.2
IBM WebSphere Portal	=6.1.0.3
IBM WebSphere Portal	=6.1.0.4
IBM WebSphere Portal	=6.1.0.5
IBM WebSphere Portal	=6.1.0.6
IBM WebSphere Portal	=6.1.5.0
IBM WebSphere Portal	=6.1.5.1
IBM WebSphere Portal	=6.1.5.2
IBM WebSphere Portal	=6.1.5.3
IBM WebSphere Portal	=7.0.0.0
IBM WebSphere Portal	=7.0.0.1
IBM WebSphere Portal	=7.0.0.2
IBM WebSphere Portal	=8.0.0.0

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21680230

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0953?
CVE-2014-0953 has a high severity level due to its potential for remote exploitation through cross-site scripting.
How do I fix CVE-2014-0953?
To fix CVE-2014-0953, it is recommended to upgrade to the latest version of IBM WebSphere Portal that has addressed this vulnerability.
Which versions of IBM WebSphere Portal are affected by CVE-2014-0953?
CVE-2014-0953 affects IBM WebSphere Portal versions from 6.1.0.0 through 6.1.0.6, 6.1.5.0 through 6.1.5.3, 7.0.0 through 7.0.0.2, and all versions before 8.0.0.1.
What type of attack is possible with CVE-2014-0953?
CVE-2014-0953 allows an attacker to perform cross-site scripting (XSS) attacks by injecting arbitrary web scripts or HTML.
Is CVE-2014-0953 a critical vulnerability?
While CVE-2014-0953 is classified as high severity, its criticality depends on the specific context of its deployment and potential impact.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/remedy
agent/author
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere portal
version/ibm websphere portal/6.1.0.0
version/ibm websphere portal/6.1.0.1
version/ibm websphere portal/6.1.0.2
version/ibm websphere portal/6.1.0.3
version/ibm websphere portal/6.1.0.4
version/ibm websphere portal/6.1.0.5
version/ibm websphere portal/6.1.0.6
version/ibm websphere portal/6.1.5.0
version/ibm websphere portal/6.1.5.1
version/ibm websphere portal/6.1.5.2
version/ibm websphere portal/6.1.5.3
version/ibm websphere portal/7.0.0.0
version/ibm websphere portal/7.0.0.1
version/ibm websphere portal/7.0.0.2
version/ibm websphere portal/8.0.0.0