IBM WebSphere Portal CVE-2017-1156 Unspecified Open Redirection Vulnerability

IBM WebSphere Portal is prone to an unspecified open-redirection vulnerability.

An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.


Bugtraq ID: 98340
Class: Input Validation Error
CVE: CVE-2017-1156

Remote: Yes
Local: No
Published: May 09 2017 12:00AM
Updated: May 09 2017 12:00AM
Credit: IBM
Vulnerable: IBM Websphere Portal 9.0
IBM Websphere Portal 8.5

Not Vulnerable:


An attacker can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.

Related Posts