Vulnerabilities > IBM > Websphere Application Server > 9.0.5.4

DATE CVE VULNERABILITY TITLE RISK
2020-09-21 CVE-2020-4643 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
5.0
2020-09-10 CVE-2020-4578 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2020-08-27 CVE-2020-4575 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
network
ibm CWE-79
4.3
2020-06-05 CVE-2020-4450 Deserialization of Untrusted Data vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects.
network
low complexity
ibm CWE-502
critical
10.0