What is the severity of CVE-2014-4762?

CVE-2014-4762 is classified as a medium-severity cross-site scripting (XSS) vulnerability.

How do I fix CVE-2014-4762?

To fix CVE-2014-4762, users should upgrade to the latest patched version of IBM WebSphere Portal.

Who is affected by CVE-2014-4762?

CVE-2014-4762 affects remote authenticated users of IBM WebSphere Portal versions 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02.

What type of vulnerability is CVE-2014-4762?

CVE-2014-4762 is a cross-site scripting (XSS) vulnerability that allows injection of arbitrary web script or HTML.

What versions of WebSphere Portal are impacted by CVE-2014-4762?

IBM WebSphere Portal versions affected include 8.0.0 through 8.0.0.1 CF13 and 8.5.0 prior to CF02.

Vulnerability/
CVE-2014-4762

low

3.5

CWE

12/9/2014

6/8/2024

CVE-2014-4762: XSS

First published: Fri Sep 12 2014(Updated: )

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF13 and 8.5.0 before CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Portal	=8.0
IBM WebSphere Portal	=8.0.0.0
IBM WebSphere Portal	=8.0.0.0-cf01
IBM WebSphere Portal	=8.0.0.0-cf02
IBM WebSphere Portal	=8.0.0.0-cf03
IBM WebSphere Portal	=8.0.0.0-cf04
IBM WebSphere Portal	=8.0.0.0-cf05
IBM WebSphere Portal	=8.0.0.1
IBM WebSphere Portal	=8.0.0.1
IBM WebSphere Portal	=8.0.0.1-cf04
IBM WebSphere Portal	=8.0.0.1-cf05
IBM WebSphere Portal	=8.0.0.1-cf06
IBM WebSphere Portal	=8.0.0.1-cf07
IBM WebSphere Portal	=8.0.0.1-cf08
IBM WebSphere Portal	=8.0.0.1-cf09
IBM WebSphere Portal	=8.0.0.1-cf12
IBM WebSphere Portal	=8.5.0.0
IBM WebSphere Portal	=8.5.0.0-cf01

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21681998

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-4762?
CVE-2014-4762 is classified as a medium-severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2014-4762?
To fix CVE-2014-4762, users should upgrade to the latest patched version of IBM WebSphere Portal.
Who is affected by CVE-2014-4762?
CVE-2014-4762 affects remote authenticated users of IBM WebSphere Portal versions 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02.
What type of vulnerability is CVE-2014-4762?
CVE-2014-4762 is a cross-site scripting (XSS) vulnerability that allows injection of arbitrary web script or HTML.
What versions of WebSphere Portal are impacted by CVE-2014-4762?
IBM WebSphere Portal versions affected include 8.0.0 through 8.0.0.1 CF13 and 8.5.0 prior to CF02.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/weakness
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere portal
version/ibm websphere portal/8.0
version/ibm websphere portal/8.0.0.0
version/ibm websphere portal/8.0.0.0-cf01
version/ibm websphere portal/8.0.0.0-cf02
version/ibm websphere portal/8.0.0.0-cf03
version/ibm websphere portal/8.0.0.0-cf04
version/ibm websphere portal/8.0.0.0-cf05
version/ibm websphere portal/8.0.0.1
version/ibm websphere portal/8.0.0.1-cf04
version/ibm websphere portal/8.0.0.1-cf05
version/ibm websphere portal/8.0.0.1-cf06
version/ibm websphere portal/8.0.0.1-cf07
version/ibm websphere portal/8.0.0.1-cf08
version/ibm websphere portal/8.0.0.1-cf09
version/ibm websphere portal/8.0.0.1-cf12
version/ibm websphere portal/8.5.0.0
version/ibm websphere portal/8.5.0.0-cf01