Lucene search
IbmVULNRICHMENT:CVE-2024-27270HistoryMar 27, 2024 - 12:42 p.m.
CVE-2024-27270 IBM WebSphere Application Server Liberty cross-site scripting
2024-03-2712:42:52
CWE-79
ibm
github.com
4
ibm
websphere
xss
vulnerability
uri
javascript
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
6 Medium
AI Score
Confidence
High
IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WebSphere Application Server Liberty",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "24.0.0.3",
"status": "affected",
"version": "23.0.0.3",
"versionType": "semver"
}
]
}
]Related
ibm
ibm
Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270)
2024-04-22 06:07:56
cvelist
cvelist
CVE-2024-27270 IBM WebSphere Application Server Liberty cross-site scripting
2024-03-27 12:42:52
cnvd
cnvd
nvd
nvd
CVE-2024-27270
2024-03-27 13:15:47
nessus
nessus
IBM WebSphere Application Server Liberty 23.0.0.3 < 24.0.0.4 XSS (7145231)
2024-03-27 00:00:00
cve
cve
CVE-2024-27270
2024-03-27 13:15:47
4.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
6 Medium
AI Score
Confidence
High
Related for VULNRICHMENT:CVE-2024-27270