7 matches found
Security Bulletin: Potential Security exposures with WebSphere Application Server (CVE-2014-4770 and CVE-2014-4816)
Summary There is a potential cross-site scripting XSS and a potential cross-site request forgery CSRF security vulnerability in WebSphere Application Server. Vulnerability Details CVEID: CVE-2014-4770 Description: IBM WebSphere Application Server may be vulnerable to cross-site scripting, caused ...
IBM WebSphere Application Server 8.0.0.x < 8.0.0.10 Multiple Vulnerabilities
Binary data 700045.prm...
IBM WebSphere Application Server 7.0.0.x < 7.0.0.35 Multiple Vulnerabilities
Binary data 700044.prm...
IBM WebSphere Application Server 8.5.5.x < 8.5.5.4 Multiple Vulnerabilities
Binary data 700046.prm...
IBM WebSphere Application Server contains multiple vulnerabilities
Overview IBM WebSphere Application Server, including the Hypervisor Edition, contains cross-site scripting and cross-site request forgery vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-4770IBM WebSphere Applicatio...
CVE-2014-4770
Cross-site scripting XSS vulnerability in IBM WebSphere Application Server WAS 6.x through 6.1.0.47, 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before 8.5.5.4 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL...
CVE-2014-4770
CVE-2014-4770 is an IBM WebSphere Application Server Admin Console vulnerability that allows remote authenticated admins to inject arbitrary scripts via crafted URLs (XSS). The connected IBM bulletins also cover CVE-2014-4816 (CSRF) affecting WAS Admin Console. Affected WAS versions include 8.5, ...