Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:1 a.m.28 views

Security Bulletin: Potential Security exposures with WebSphere Application Server (CVE-2014-4770 and CVE-2014-4816)

Summary There is a potential cross-site scripting XSS and a potential cross-site request forgery CSRF security vulnerability in WebSphere Application Server. Vulnerability Details CVEID: CVE-2014-4770 Description: IBM WebSphere Application Server may be vulnerable to cross-site scripting, caused ...

6CVSS7.4AI score0.01932EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/04/04 12:0 a.m.24 views

IBM WebSphere Application Server 8.0.0.x < 8.0.0.10 Multiple Vulnerabilities

Binary data 700045.prm...

6CVSS4.7AI score0.02234EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2017/04/04 12:0 a.m.23 views

IBM WebSphere Application Server 7.0.0.x < 7.0.0.35 Multiple Vulnerabilities

Binary data 700044.prm...

6CVSS4.7AI score0.02234EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2017/04/04 12:0 a.m.31 views

IBM WebSphere Application Server 8.5.5.x < 8.5.5.4 Multiple Vulnerabilities

Binary data 700046.prm...

6CVSS4.7AI score0.02234EPSS
Exploits0References7
CERT
CERT
added 2014/10/08 12:0 a.m.40 views

IBM WebSphere Application Server contains multiple vulnerabilities

Overview IBM WebSphere Application Server, including the Hypervisor Edition, contains cross-site scripting and cross-site request forgery vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-4770IBM WebSphere Applicatio...

6CVSS5.4AI score0.01932EPSS
Exploits0References3
NVD
NVD
added 2014/09/23 10:55 p.m.17 views

CVE-2014-4770

Cross-site scripting XSS vulnerability in IBM WebSphere Application Server WAS 6.x through 6.1.0.47, 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before 8.5.5.4 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS3.4AI score0.01932EPSS
Exploits0References7
CVE
CVE
added 2014/09/23 10:0 p.m.76 views

CVE-2014-4770

CVE-2014-4770 is an IBM WebSphere Application Server Admin Console vulnerability that allows remote authenticated admins to inject arbitrary scripts via crafted URLs (XSS). The connected IBM bulletins also cover CVE-2014-4816 (CSRF) affecting WAS Admin Console. Affected WAS versions include 8.5, ...

3.5CVSS3.5AI score0.01932EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder