Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jasig Subscribe
Filtered by product Uportal
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3417 1 Jasig 1 Uportal 2014-05-30 6.5 MEDIUM N/A
uPortal before 4.0.13.1 does not properly check the CONFIG permission, which allows remote authenticated users to configure portlets by leveraging the SUBSCRIBE permission for a portlet.
CVE-2014-3416 1 Jasig 1 Uportal 2014-05-30 6.5 MEDIUM N/A
uPortal before 4.0.13.1 does not properly check the MANAGE permissions, which allows remote authenticated users to manage arbitrary portlets by leveraging the SUBSCRIBE permission for the portlet-admin portlet.