Vulnerabilities > IBM > Websphere Application Server > 8.0.0.6

DATE CVE VULNERABILITY TITLE RISK
2013-08-21 CVE-2013-4005 Cross-Site Scripting vulnerability in IBM Websphere Application Server
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified fields.
network
ibm CWE-79
3.5
3.5
2013-08-21 CVE-2013-4004 Cross-Site Scripting vulnerability in IBM Websphere Application Server
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5
2013-08-21 CVE-2013-3029 Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server
Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences.
network
ibm CWE-352
6.8
6.8
2013-08-21 CVE-2013-2976 Information Exposure vulnerability in IBM Websphere Application Server
The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors.
local
ibm CWE-200
1.9
1.9
2013-08-21 CVE-2013-2967 Cross-Site Scripting vulnerability in IBM Websphere Application Server
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
4.3
4.3
2013-08-21 CVE-2013-0597 Cross-Site Scripting vulnerability in IBM Websphere Application Server
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0, when OAuth is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
3.5
3.5