CVE-2015-7397

High

7.4/10

Summary

Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Jan 10, 2016

CVE-2015-7397

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS