Vulnerabilities > IBM > Websphere Application Server > 6.0.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-04 | CVE-2005-3498 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive information. | 4.3 |