13216 matches found
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by cross-site scripting
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by cross-site scripting CVE-2025-12635 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...
CVE-2025-12635
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...
EUVD-2025-201831
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...
CVE-2025-12635
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...
CVE-2025-12635
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...
CVE-2025-12635 IBM WebSphere Application Server and WebSphere Application Server Liberty Cross-Site Scripting
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...
CVE-2025-12635
CVE-2025-12635 is a cross-site scripting vulnerability in IBM WebSphere Application Server and related bundles (WAS Liberty 17.0.0.3–25.0.0.12; WAS 8.5 and 9.0). It arises from improper validation of user-supplied input, enabling an attacker to lure a user to a malicious site via a crafted URL. I...
CVE-2025-12635 IBM WebSphere Application Server and WebSphere Application Server Liberty Cross-Site Scripting
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site scripting due to improper validation of user-supplied input. An attacker could exploit this vulnerability by using a specially crafted URL to redirect the...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by cross-site scripting (CVE-2025-12635)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by cross-site scripting. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are affected by cross-site scripting due to...
IBM WebSphere Application Server(WAS)和IBM WebSphere Application Server Liberty 跨站脚本漏洞
IBM WebSphere Application Server WAS and IBM WebSphere Application Server Liberty are both products of International Business Machines IBM.IBM WebSphere Application Server is an application server IBM WebSphere Application Server is an application server product. The product is a platform for...
PT-2025-49590
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 8.5 and 9.0 IBM WebSphere Application Server Liberty versions 17.0.0.3 through 25.0.0.12 Description The software is susceptible to cross-site scripting due to insufficient validation of user-provided...
IBM WebSphere Application Server 8.5.x < 8.5.5.29 / 9.x < 9.0.5.27 / Liberty 17.0.0.3 < 26.0.0.1 XSS (7254078)
The version of IBM WebSphere Application Server running on the remote host is affected by a XSS vulnerability as referenced in the 7254078 advisory. - IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site...
Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36047)
Summary IBM WebSphere Application Server Liberty is vulnerable to DoS by sending a specially-crafted request attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center Vulnerability Details CVEID:CVE-2025-36047 DESCRIPTION: IBM WebSphere Application Server...
Security Bulletin: DoS vulnerability in Apache Commons FileUpload vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-48976)
Summary IBM WebSphere Application Server Liberty is vulnerable to DoS in Apache Commons FileUpload attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center. Vulnerability Details CVEID:CVE-2025-48976 DESCRIPTION: Allocation of resources for multipart headers...
Security Bulletin: JMS messaging configuration vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36124)
Summary IBM WebSphere Application Server Liberty is vulnerable to JMS messaging configuration attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center. Vulnerability Details CVEID:CVE-2025-36124 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3...
Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36097)
Summary IBM WebSphere Application Server Liberty is vulnerable to a denial of service attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center. Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere...
Security Bulletin: Cross Site Scripting vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36000)
Summary IBM WebSphere Application Server Liberty is vulnerable to stored cross-site scripting which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center Vulnerability Details CVEID:CVE-2025-36000 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through...
Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36732)
Summary IBM WebSphere Application Server Liberty is vulnerable to DoS by sending a specially-crafted request attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 fo...
Security Bulletin: Security Configuration vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2024-56339)
Summary IBM WebSphere Application Server Liberty is vulnerable to a security configuration attack which can affect IBM Spectrum Protect formerly Tivoli Storage Manager Operations Center. Vulnerability Details CVEID:CVE-2024-56339 DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere...
Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms.
Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these vulnerabilities Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js...