High severity7.4NVD Advisory· Published Jan 10, 2016· Updated Jun 17, 2026
CVE-2015-7397
CVE-2015-7397
Description
Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter.
Affected products
2cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:websphere_commerce:7.0:*:*:*:*:*:*:*
- (no CPE)range: >=7.0 <=Feature Pack 8
Patches
Vulnerability mechanics
References
4- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- www-01.ibm.com/support/docview.wssnvd
- www.securitytracker.com/id/1034640nvd
News mentions
0No linked articles in our index yet.