CVE-2014-4760

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal versions 6.1.0.0 through 6.1.0.6 IBM WebSphere Portal versions 6.1.5.0 through 6.1.5.3 IBM WebSphere Portal versions 7.0.0 through 7.0.0.2 IBM WebSphere Portal version 8.0.0 before 8.0.0.1 CF13 IBM WebSphere Portal version 8.5.0 before CF01

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. This is an open redirect vulnerability.

Recommendations For versions 6.1.0.0 through 6.1.0.6, update to a version outside of this range to mitigate the risk. For versions 6.1.5.0 through 6.1.5.3, update to a version outside of this range to mitigate the risk. For versions 7.0.0 through 7.0.0.2, update to a version outside of this range to mitigate the risk. For version 8.0.0 before 8.0.0.1 CF13, update to 8.0.0.1 CF13 or later. For version 8.5.0 before CF01, update to CF01 or later.