Ibm

Websphere Application Server

443 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2013-5418

  • EPSS 0.16%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML ...

4.3

CVE-2013-0596

  • EPSS 0.27%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2013-4052

  • EPSS 0.27%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the UDDI Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web...

6.8

CVE-2013-4053

  • EPSS 0.4%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured...

4.3

CVE-2013-2967

  • EPSS 0.33%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 allows remote attackers to inject arbitrary web scri...

1.9

CVE-2013-2976

  • EPSS 0.05%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via ...

6.8

CVE-2013-3029

  • EPSS 0.16%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authent...

3.5

CVE-2013-4004

  • EPSS 0.16%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vector...

3.5

CVE-2013-4005

  • EPSS 0.16%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrar...

3.5

CVE-2013-0597

  • EPSS 0.16%
  • Veröffentlicht 21.08.2013 21:55:05
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0, when OAuth is used, allows remote authenticated users to inject arbitrary web script or HTML via unspe...