IBM WebSphere Application Server Cross-Site Scripting Vulnerability (CNVD-2024-30215)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM...

GitHub Security Lab: [Java]: CWE-552 Add sources and sinks to detect unsafe getResource calls in Java EE applications

This bug was reported directly to GitHub Security Lab...