EUVD-2017-10137

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server is vulnerable to cross-site scripting allowing JavaScript code injection.

Reporter	Title	Published	Views	Family All 56
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2017-1121)	17 Jun 201815:39	–	ibm
IBM Security Bulletins	Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2017-1121)	15 Jun 201807:07	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with Cloud Orchestrator and Cloud Orchestrator Enterprise (CVE-2016-5983)	17 Jun 201822:33	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2017-1121)	17 Jun 201812:17	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM License Metric Tool 7.x and IBM Tivoli Asset Discovery for Distributed 7.x (CVE-2017-1121)	26 Apr 202121:17	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2016-1121)	15 Jun 201807:07	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in Tivoli Integrated Portal shipped with IBM Tivoli Storage Manager FastBack for Workstations (CVE-2017-1121)	17 Jun 201815:35	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM Websphere Application Server shipped with IBM Security/Tivoli Directory Server (CVE-2017-1121)	16 Jun 201821:51	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise	17 Jun 201822:33	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM SmartCloud Cost Management and Tivoli Usage and Accounting Management (CVE-2017-1121)	17 Jun 201822:33	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "d63cc85f-cc7e-3830-a447-0207ac46bbcd",
        "vendor": {
          "name": "IBM Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "52bb8cde-68e9-3c28-97c9-83e3edad0b82",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      },
      {
        "id": "898de72a-5d90-3b26-a583-d94145a1126c",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0.0"
      },
      {
        "id": "a2f506c8-aad4-3a35-9fbc-0f72ad16e058",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0.0"
      },
      {
        "id": "a69a3071-9fe2-372a-a4a1-c263e376c08d",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1037806
securityfocus	www.securityfocus.com/bid/96164
ibm	www.ibm.com/support/docview.wss
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.7Medium risk

Vulners AI Score5.7

CVSS 35.4

CVSS 23.5

EPSS0.0027