CVE-2016-2989

MEDIUM

IBM Connections Portlets - Improper Access Control

Title source: rule

Description

Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere Portal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References (3)

Scores

CVSS v3 6.5
EPSS 0.0022
EPSS Percentile 44.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Classification

CWE
CWE-284
Status draft

Affected Products (1)

ibm/connections_portlets

Timeline

Published Aug 08, 2016
Tracked Since Feb 18, 2026