Websphere Application Server Security Vulnerabilities and Issues — Websphere Application Server CVE List

Lucene search

IbmWebsphere Application Server

3 matches found

CVE•added 2024/10/16 5:15 p.m.•48 views

CVE-2024-45071

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.5CVSS4.9AI score0.00114EPSS

CVE•added 2024/10/16 5:15 p.m.•48 views

CVE-2024-45072

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources.

5.5CVSS5.3AI score0.00108EPSS

CVE•added 2024/10/15 10:15 p.m.•41 views

CVE-2024-45085

IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service.

7.5CVSS5.8AI score0.00076EPSS