- Home
- CVEs with nessus.description==The IBM WebSphere Application Server running on the remote host is
version 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.14, 8.5 prior to
8.5.5.12, or 9.0 prior to 9.0.0.3. It is, therefore, affected by
multiple cross-site scripting (XSS) vulnerabilities in the Admin
Console due to a failure to validate input before returning it to
users. An authenticated, remote attacker can exploit these, via a
specially crafted URL, to execute arbitrary script code in a user's
browser session within the security context of the hosting website.
Note that Nessus has not checked for the Interim Fix for these issues
but has instead relied only on the application's self-reported version
number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top