CVE-2022-42118

A Cross-site scripting XSS vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the tag parameter...

Security Bulletin: Vulnerability in Json-schema library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2021-3918)

Summary Json-schema is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component CVE-2021-3918. Vulnerability Details CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modificatio...

Security Bulletin: Vulnerability in Apache Struts library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2021-31805)

Summary Apache Struts is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes Apache Struts v2.5.30. Vulnerability Details CVEID: CVE-2021-31805 DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by a...

IBM WebSphere Application Server 7.0 < Fix Pack 27 Multiple Vulnerabilities

IBM WebSphere Application Server 7.0 before Fix Pack 27 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - A request validation error exists related to the proxy server component that could allow a remote attacker to cause the pro...