CVE-2024-45087

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2024-45087 IBM WebSphere Application Server cross-site scripting

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2024-45087

CVE-2024-45087 is an XSS vulnerability in IBM WebSphere Application Server 8.5 and 9.0 affecting the administrative Web UI. The issue enables a privileged user to inject arbitrary JavaScript, potentially altering functionality and leading to credentials disclosure within a trusted session. Multip...

CVE-2024-45087 IBM WebSphere Application Server cross-site scripting

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM MQ have been published in a security bulletin CVE-2024-21147, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138, CVE-2023-50314 Vulnerability Details Refer to the security bulletins...

Security Bulletin: IBM WebSphere Application Server traditional shipped with IBM Tivoli System Automation Application Manager is vulnerable to an XML External Entity Injection (XXE) vulnerability

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager CVE-2024-45086 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affect...

IBM WebSphere Application Server 跨站脚本漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM...

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2024-21147 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause high...

IBM WebSphere Application Server (Traditional and Liberty) Detection Consolidation

Consolidation of IBM WebSphere Application Server detections Traditional and Liberty. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2023-50314)

Summary IBM WebSphere Application Server is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

CVE-2024-45086

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2024-45086

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2024-45086 IBM WebSphere Application Server XML external entity injection

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2024-45086 IBM WebSphere Application Server XML external entity injection

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2024-45086

CVE-2024-45086 affects IBM WebSphere Application Server 8.5 and 9.0. The vulnerability is an XML External Entity (XXE) injection occurring while processing XML data, enabling a privileged user to expose sensitive information and potentially cause memory/resource exhaustion (low to moderate impact...

Security Bulletin: IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty could allow an attacker with access to the network to conduct spoofing attacks. (CVE-2023-50314)

Summary IBM PowerVM Novalink is vulnerable because IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to...

Security Bulletin: Multiple vulnerabilities within WebSphere Application and IBM HTTP Server, affect IBM Tivoli Monitoring.

Summary Multiple vulnerabilities within WebSphere Application and IBM HTTP Server which is included as part of IBM Tivoli Monitoring ITM portal server. have been remediated Vulnerability Details CVEID:CVE-2024-45071 DESCRIPTION: IBM WebSphere Application Server is vulnerable to stored cross-site...

IBM WebSphere Application Server 安全漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere...

Security Bulletin: A vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2023-50315)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an information disclosure vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security...

Security Bulletin: IBM Db2 and IBM WebSphere Application Server traditional used by IBM Security Verify Governance have multiple vulnerabilities

Summary IBM Security Verify Governance ISVG ships with IBM Db2 and IBM WebSphere Application Server traditional. Information about security vulnerabilities affecting these dependencies has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the...