IBM WebSphere Portal CVE-2017-1156 Unspecified Open Redirection Vulnerability

IBM WebSphere Portal is prone to an unspecified open-redirection vulnerability.

An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.

Information

Bugtraq ID: 98340
Class: Input Validation Error
CVE: CVE-2017-1156

Remote: Yes
Local: No
Published: May 09 2017 12:00AM
Updated: May 09 2017 12:00AM
Credit: IBM
Vulnerable: IBM Websphere Portal 9.0
IBM Websphere Portal 8.5

Not Vulnerable:

Exploit

An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.

References:

IBM Homepage (IBM)
IBM Websphere Homepage (IBM)
swg22000153: Open Redirect Vulnerability in IBM WebSphere Portal (CVE-2017-1156) (IBM)

Source: www.securityfocus.com

Exploit Collector

Search Exploit