VYPR
High severity7.4NVD Advisory· Published Jan 10, 2016· Updated Jun 17, 2026

CVE-2015-7397

CVE-2015-7397

Description

Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter.

Affected products

2
  • cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*
    • (no CPE)range: >=7.0 <=Feature Pack 8

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.