Page 2 of 11 results (0.008 seconds)

CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0

IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576. IBM WebSphere Application Server Liberty 23.0.0.3 a 24.0.0.3 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en un URI especialmente manipulado. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284576 https://www.ibm.com/support/pages/node/7145231 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711. IBM WebSphere Application Server Liberty 17.0.0.3 a 24.0.0.2 podría proporcionar una seguridad más débil de lo esperado para las conexiones TLS salientes causadas por una falla al respetar la configuración del usuario. ID de IBM X-Force: 274711. • https://exchange.xforce.ibmcloud.com/vulnerabilities/274711 https://www.ibm.com/support/pages/node/7125527 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775. IBM WebSphere Application Server Liberty 23.0.0.9 a 23.0.0.10 podría proporcionar una seguridad más débil de lo esperado debido a un manejo inadecuado de la caducidad de recursos. ID de IBM X-Force: 268775. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268775 https://www.ibm.com/support/pages/node/7058356 • CWE-613: Insufficient Session Expiration •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604. IBM WebSphere Application Server Liberty versiones 17.0.0.3 hasta 22.0.0.7 y Open Liberty son vulnerables a una suplantación de identidad por parte de un usuario autenticado usando una petición especialmente diseñada. IBM X-Force ID: 225604 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225604 https://www.ibm.com/support/pages/node/6602015 • CWE-290: Authentication Bypass by Spoofing •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603. IBM WebSphere Application Server Liberty y Open Liberty 17.0.0.3 a 22.0.0.5 son vulnerables a la suplantación de identidad por parte de un usuario autenticado. ID de IBM X-Force: 225603 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225603 https://www.ibm.com/support/pages/node/6586734 •