8 matches found
Security Bulletin: IBM Cloud Private is vulnerable to IBM WebSphere Application Server Liberty vulnerabilities (CVE-2020-4303, CVE-2020-4304)
Summary IBM Cloud Private is vulnerable to IBM WebSphere Application Server Liberty vulnerabilities Vulnerability Details CVEID: CVE-2020-4303 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users t...
Security Bulletin: IBM WebSphere Application Server Liberty XSS Vulnerabilities Affect IBM Control Center (CVE-2020-4303, CVE-2020-4304)
Summary IBM Control Center WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Security Bulletin: Multiple security vulnerabilities in IBM WebSphere Application Server Liberty shipped with IBM Cloud Pak System family products
Summary IBM WebSphere Application Server is shipped as component of IBM Cloud Pak System family products. Information about security vulnerabilities affecting WebSphere Application Server Liberty have been published in security bulletins. Vulnerability Details Refer to the security bulletins list...
Security Bulletin: Vulnerability in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2020-4303, CVE-2020-4304)
Summary There is a cross-site scripting vulnerability in the OAuth, OpenID Connect and SAML features. This has been addressed. Vulnerability Details CVEID: CVE-2020-4303 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This...
Security Bulletin: WebSphere Application Server Liberty is vulnerable to Cross-site Scripting (CVE-2020-4303, CVE-2020-4304)
Summary There is a cross-site scripting vulnerability in the OAuth, OpenID Connect and SAML features. This has been addressed. Vulnerability Details CVEID: CVE-2020-4303 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This...
(RHSA-2020:1428) Moderate: Open Liberty 20.0.0.4 Runtime security update
Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. This release of Open Liberty 20.0.0.4 serves as a replacement for Open Liberty 20.0.0.3 and includes security fixes, bug fixes, and enhancements. For specific information about this...
CVE-2020-4304
Summary (CVE-2020-4304): IBM WebSphere Application Server Liberty components are affected by a cross-site scripting (XSS) vulnerability in the Web UI. Affects Liberty 17.0.0.3 through 20.0.0.3; exploitation could lead to credentials disclosure within a trusted session. The connected IBM bulletins...
Security Bulletin: WebSphere Application Server Liberty shipped with IBM WebSphere Application Server Patterns is vulnerable to Cross-site Scripting (CVE-2020-4303, CVE-2020-4304)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed i...