Vulnerabilities > IBM > Websphere Application Server > 20.0.0.2

DATE CVE VULNERABILITY TITLE RISK
2020-05-06 CVE-2020-4421 Improper Authentication vulnerability in IBM Websphere Application Server
IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify.
network
low complexity
ibm CWE-287
5.5
5.5
2020-05-06 CVE-2020-10693 Improper Input Validation vulnerability in multiple products
A flaw was found in Hibernate Validator version 6.1.2.Final.
network
low complexity
redhat ibm quarkus oracle CWE-20
5.3
5.3
2020-04-28 CVE-2020-4329 Information Exposure vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking.
network
low complexity
ibm CWE-200
4.0
4.0
2020-04-02 CVE-2020-4304 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3
2020-04-02 CVE-2020-4303 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting.
network
ibm CWE-79
4.3
4.3