80 matches found
EUVD-2025-209934
IBM webMethods Integration on prem -Integration Server 10.15 through IS10.15CoreFix2611.1 to IS11.1CoreFix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to...
CVE-2025-14290
IBM webMethods Integration on prem -Integration Server 10.15 through IS10.15CoreFix2611.1 to IS11.1CoreFix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to...
PT-2026-43278
IBM webMethods Integration on prem -Integration Server 10.15 through IS 10.15 Core Fix2611.1 to IS 11.1 Core Fix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially...
Security Bulletin: Due to use angular-1.8.2.min.js , IBM webMethods Integration Server is affected by multiple vulnerabilities.
Summary Multiple vulnerabilities were addressed in IBM webMethods Integration Server by upgrading the version of the Angular framework. Vulnerability Details CVEID:CVE-2025-0716 DESCRIPTION: Improper sanitization of the value of the 'href' and 'xlink:href' attributes in 'image' SVG elements in...
HTML Injection Vulnerability in IBM webMethods Integration Server
IBM webMethods Integration Server is an application connector from International Business Machines IBM. An HTML injection vulnerability exists in IBM webMethods Integration Server version 12.0. An attacker could exploit this vulnerability to execute arbitrary Web script or HTML...
CVE-2025-14289
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
CVE-2025-14289 IBM webMethods Integration Server is vulnerable to HTML injection
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
CVE-2025-14289 IBM webMethods Integration Server is vulnerable to HTML injection
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
CVE-2025-14289
IBM webMethods Integration Server 12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
IBM webMethods Integration Server 安全漏洞
IBM webMethods Integration Server is an application connector from International Business Machines IBM. An HTML injection vulnerability exists in IBM webMethods Integration Server version 12.0. An attacker could exploit this vulnerability to execute arbitrary Web script or HTML...
Security Bulletin: IBM webMethods Integration Server is vulnerable to HTML injection
Summary IBM webMethods Integration Sever is vulnerable to HTML injection in Security Claims UI. CVE-2025-14289. Vulnerability Details CVEID:CVE-2025-14289 DESCRIPTION: IBM webMethods Integration is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed...
CVE-2025-14150
IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...
CVE-2025-14150
IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...
EUVD-2025-206871
IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...
CVE-2025-14150
CVE-2025-14150 affects IBM webMethods Integration (on prem) Server versions 10.15 through IS_10.15_Core_Fix24 and 11.1 through IS_11.1_Core_Fix8. Root cause: server responses could disclose sensitive user information. Impact: exposure of sensitive information with network access (vector: network,...
CVE-2025-14150 IBM webMethods Integration Sever is affected by
IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...
IBM webMethods Integration 安全漏洞
IBM webMethods Integration is a hybrid enterprise iPaaS offered by International Business Machines IBM. There are security vulnerabilities in the versions of IBM webMethods Integration 10.15 up to IS10.15CoreFix2411.1 and IS11.1CoreFix8. These vulnerabilities stem from the possibility of sensitiv...
Security Bulletin: Multiple vulnerabilities found in IBM EntireX through the use of webMethods Integration Server.
Summary As IBM EntireX Adapter runs in the webMethods Integration Server and the webMethods Integration Server has been updated in order to address the vulnerabilities, the fix for webMethods Integration Server will need to be applied by IBM EntireX customers. Vulnerability Details...
EUVD-2025-198374
IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...
CVE-2025-36072
IBM webMethods Integration 10.11 through 10.11CoreFix22, 10.15 through 10.15CoreFix22, and 11.1 through 11.1CoreFix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data...