China National Vulnerability Database (CNVD): CNVD-2024-15727
Mar 29, 2024 - 12:00 a.m.

IBM WebSphere Application Server Liberty Cross-Site Scripting Vulnerability (CNVD-2024-15727)

2024-03-29 00:00:00
China National Vulnerability Database
www.cnvd.org.cn

AI Score: 6.3 (Confidence: High)

EPSS: 0 (Percentile: 9.0%)

IBM WebSphere Application Server Liberty is a Java application server from International Business Machines (IBM) built on top of the Open Liberty project. A cross-site scripting vulnerability exists in IBM WebSphere Application Server Liberty versions 23.0.0.3 through 24.0.0.3, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary Web script or HTML by injecting a crafted payload.
