2 matches found
CVE-2016-9692
The CVE affects IBM WebSphere Cast Iron Solution versions 7.0.0 and 7.5.0.0, where improper validation of user-supplied input enables External Service Interaction. An attacker can induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names, potentially cau...
CVE-2016-9691
CVE-2016-9691—IBM WebSphere Cast Iron Solution : Affected products are WebSphere Cast Iron Solution 7.0.0 and 7.5.0.0. The flaw is an XML External Entity (XXE) vulnerability in XML data processing, enabling a remote attacker to cause a denial of service and potentially expose sensitive informatio...