EUVD-2019-13877

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server is vulnerable to cross-site scripting affecting multiple versions.

Reporter	Title	Published	Views	Family All 42
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with OpenPages GRC Platform (CVE-2019-4270)	8 Oct 201922:25	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2019-4270)	18 Sep 201914:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase	8 Oct 201919:27	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2019-4270)	1 Oct 201908:19	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2019-4442), (CVE-2019-4271), (CVE-2019-4268), (CVE-2019-4270), (CVE-2019-4477)	25 Sep 201914:00	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities are identified in the WebSphere Application Server where the Rational Asset Manager is deployed (CVE-2019-4442, CVE-2019-4268, CVE-2019-4270, and CVE-2019-4477)	25 Sep 201908:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in WebSphere Application Server affects IBM Rational products based on IBM Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2019-4270)	18 Sep 201914:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in WebSphere Application Server bundled with Cloud Pak System and supporting products	6 May 202011:57	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "ae6b8c16-8462-3f8d-b2df-5f3434f113f5",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "214d7da5-03f2-3b83-ab03-4d88991e5126",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      },
      {
        "id": "3d947283-7975-3c10-bae6-a6377df56eb1",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0"
      },
      {
        "id": "7325c7ad-5fa7-3ada-b238-7cbfe83e1e31",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      },
      {
        "id": "ac7bf952-22c6-3871-8f98-9a802be1e0f0",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/884036
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/160203
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.7Medium risk

Vulners AI Score5.7

CVSS 35.4

CVSS 23.5

CVSS 3.15.4

EPSS0.00174