CVEs with nessus.description==IBM WebSphere Application Server 7.0 before Fix Pack 19 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities:

- An open redirect vulnerability exists related to the 'logoutExitPage' parameter. This can allow remote attackers to trick users into requesting unintended URLs. (PM35701)
- The administrative console can display a stack trace under unspecified circumstances and can disclose potentially sensitive information to local users. (PM36620)
- The Installation Verification Tool servlet (IVT) does not properly sanitize user-supplied input of arbitrary HTML and script code, which could allow cross-site scripting attacks. (PM40733)
- A token verification error exists in the bundled OpenSAML library. This error can allow an attacker to bypass security controls with an XML signature wrapping attack via SOAP messages. (PM43254)
- A directory traversal attack is possible via unspecified parameters in the 'help' servlet. (PM45322)

| Max CVSS | Min CVSS | Total Count |
|---|---|---|
| 0 | 0 | 2 |

| ID | CVSS | Summary | Last (major) update | Published |