Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2013-5414

  • EPSS 0.16%
  • Published 18.11.2013 05:23:57
  • Last modified 11.04.2025 00:51:21

The migration functionality in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 does not properly support the distinction between the admin role and the adminsecmanager role, which allows remote a...

4.3

CVE-2013-5417

  • EPSS 0.27%
  • Published 18.11.2013 05:23:57
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data.

3.5

CVE-2013-5418

  • EPSS 0.16%
  • Published 18.11.2013 05:23:57
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML ...

4.3

CVE-2013-0596

  • EPSS 0.27%
  • Published 20.09.2013 21:55:05
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2013-4052

  • EPSS 0.27%
  • Published 20.09.2013 21:55:05
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the UDDI Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web...

6.8

CVE-2013-4053

  • EPSS 0.4%
  • Published 20.09.2013 21:55:05
  • Last modified 11.04.2025 00:51:21

The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured...

4.3

CVE-2013-2967

  • EPSS 0.21%
  • Published 21.08.2013 21:55:06
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 allows remote attackers to inject arbitrary web scri...

1.9

CVE-2013-2976

  • EPSS 0.05%
  • Published 21.08.2013 21:55:06
  • Last modified 11.04.2025 00:51:21

The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via ...

6.8

CVE-2013-3029

  • EPSS 0.12%
  • Published 21.08.2013 21:55:06
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authent...

3.5

CVE-2013-4004

  • EPSS 0.16%
  • Published 21.08.2013 21:55:06
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vector...