IBM WebSphere Application Server Liberty is a Java application server from International Business Machines (IBM) built on top of the Open Liberty project. A cross-site scripting vulnerability exists in IBM WebSphere Application Server Liberty versions 23.0.0.3 through 24.0.0.3, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.