Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty was affected by cross-site scripting (CVE-2025-12635)

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty was affected by cross-site scripting CVE-2025-12635. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-12635...

Security Bulletin: WebSphere Application Server Liberty is affected by cross-site scripting used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-12635)

Summary WebSphere Application Server Liberty is affected by cross-site scripting used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty...

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM Engineering Test Management are affected by cross-site scripting (CVE-2025-12635)

Summary IBM WebSphere Application Server is affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the user to a malicious site. Following IBM® Engineering Lifecycle Management...

Security Bulletin: IBM Engineering Lifecycle Management products using IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by cross-site scripting (CVE-2025-12635)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a cross-site scripting vulnerability with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0, or servlet-6.0 feature enabled, due to improper validation of user-supplied input. An attacker could...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by cross-site scripting and vulnerable to CVE-2025-32434.

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is affected by cross-site scripting and vulnerable to CVE-2025-32434. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: I...

Security Bulletin: IBM Storage Protect Operations Center is affected by a vulnerability in IBM WebSphere Application Server Liberty that could allow a security configuration attack (CVE-2025-12635).

Summary IBM Spectrum Protect Operations Center uses IBM WebSphere Application Server Liberty in certain components; a vulnerability in Liberty may allow a security configuration attack that could impact the security of the affected environment under specific conditions. Vulnerability Details...

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2025-14914, CVE-2025-12635)

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2025-14914, CVE-2025-12635. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-14914 DESCRIPTION: IBM WebSphere Application Server Liberty...

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard.

Summary Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard CVE-2025-14914, CVE-2022-23990, CVE-2024-28757, CVE-2025-59375 and CVE-2025-12635. IBM WebSphere Liberty and Expat have been updated within IBM CICS TX Standard to address these...

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-12635 and CVE-2025-14914).

Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2025-12635 and CVE-2025-14914. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these vulnerabilities. Vulnerability Details...

Security Bulletin: due to the use of IBM WebSphere Application Server and WebSphere Application Server Liberty, IBM Watson Explorer is vulnerable to a cross-site scripting vulnerability.

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty is used by IBM Watson Explorer. IBM Watson Explorer has addressed the applicable CVE CVE-2025-12635 Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by cross-site scripting due to WebSphere Application Server Liberty

Summary WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of managing the lifecycle of Java servlets and client. CVE-2025-12635. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...

Security Bulletin: Due to the use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by affected by cross-site scripting (CVE-2025-12635).

Summary WebSphere Application Server, used by IBM Tivoli Network Manager ITNM IP Edition, is affected by cross-site scripting. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM Tivol...

IBM MQ 9.1 < 9.1.0.34 LTS / 9.2 < 9.2.0.41 LTS / 9.3 < 9.3.0.37 LTS / 9.3 < 9.4.5.0 CD / 9.4 < 9.4.0.20 LTS XSS (7261943)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7261943 advisory. - IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper...

Security Bulletin: IBM MQ is affected by a vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-12635)

Summary A cross-site scripting vulnerability was identified in IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality CVE-2025-12635 Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server...

Security Bulletin: A security vulnerability have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase (CVE-2025-12635)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Due to use of IBM WebSphere Application Server, IBM Tivoli Netcool Configuration Manager (ITNCM) is affected by cross-site scripting (CVE-2025-12635).

Summary WebSphere Application Server, used by IBM Tivoli Netcool Configuration Manager ITNCM, is affected by cross-site scripting. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- IBM...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-12635)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a cross-site scripting vulnerability (CVE-2025-12635)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a cross-site scripting vulnerability with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0, or servlet-6.0 feature enabled. Vulnerability Details Refer to the security...

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server and WebSphere Application Server Liberty and are affected by cross-site scripting.

Summary The security issue described in CVE-2025-12635 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2025-12635)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a cross-site scripting vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...