CVE-2016-8934

🗓️ 01 Feb 2017 20:00:00Reported by ibmType

IBM WebSphere App Server CVE-2016-8934, XSS vulnerability, allows arbitrary JS code, potential credentials disclosur

Reporter	Title	Published	Views	Family All 46
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2016-8934)	17 Jun 201815:32	–	ibm
IBM Security Bulletins	Security Bulletin:A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2016-8934)	16 Jun 201821:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise	17 Jun 201822:33	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Enterprise Service Bus (CVE-2016-8934)	15 Jun 201807:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server	17 Jun 201815:34	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2016-8934)	17 Jun 201815:32	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2016-8934)	19 Aug 202221:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities have been identified in IBM Websphere Application Server and IBM Java shipped with IBM Security Access Manager for Enterprise Single Sign-On	25 Jun 201805:54	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with OpenPages GRC Platform (CVE-2016-8934)	15 Jun 201822:48	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Access Manager for e-business and IBM Security Access Manager version 7.0 software (CVE-2016-8934)	16 Jun 201822:00	–	ibm

NVD

Node

ibm websphere_application_serverMatch8.5.5.0

ibm websphere_application_serverMatch8.5.5.0-liberty_profile

ibm websphere_application_serverMatch8.5.5.1

ibm websphere_application_serverMatch8.5.5.1-liberty_profile

ibm websphere_application_serverMatch8.5.5.2

ibm websphere_application_serverMatch8.5.5.2-liberty_profile

ibm websphere_application_serverMatch8.5.5.3

ibm websphere_application_serverMatch8.5.5.3-liberty_profile

ibm websphere_application_serverMatch8.5.5.4

ibm websphere_application_serverMatch8.5.5.4-liberty_profile

ibm websphere_application_serverMatch8.5.5.5

ibm websphere_application_serverMatch8.5.5.5-liberty_profile

ibm websphere_application_serverMatch8.5.5.6

ibm websphere_application_serverMatch8.5.5.6-liberty_profile

ibm websphere_application_serverMatch8.5.5.7

ibm websphere_application_serverMatch8.5.5.8

ibm websphere_application_serverMatch8.5.5.9

ibm websphere_application_serverMatch8.5.5.10

ibm websphere_application_serverMatch8.5.5.11

ibm websphere_application_serverMatch9.0.0.0

ibm websphere_application_serverMatch9.0.0.1

ibm websphere_application_serverMatch9.0.0.2

[
  {
    "product": "WebSphere Application Server for Bluemix",
    "vendor": "IBM Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/95154
ibm	www.ibm.com/support/docview.wss

13 May 2026 00:24Current

5.3Medium risk

Vulners AI Score5.3

CVSS 23.5

CVSS 35.4

EPSS0.002

CWE-79