Vulnerabilities > IBM > Websphere Application Server > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-13 | CVE-2022-22393 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. network ibm | 3.5 |
| 2022-02-24 | CVE-2021-39038 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2021-03-10 | CVE-2020-5016 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. | 3.5 |
| 2020-09-30 | CVE-2020-4629 | Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. | 2.1 |
| 2020-09-10 | CVE-2020-4578 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. | 3.5 |
| 2019-12-10 | CVE-2019-4663 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. | 3.5 |
| 2019-09-17 | CVE-2019-4271 | Improper Input Validation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. | 3.5 |
| 2019-07-30 | CVE-2019-4285 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Application Server IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. | 3.5 |
| 2019-02-19 | CVE-2018-1996 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. | 3.5 |
| 2018-12-10 | CVE-2018-1957 | Information Exposure vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 9 could allow sensitive information to be available caused by mishandling of data by the application based on an incorrect return by the httpServletRequest#authenticate() API when an unprotected URI is accessed. | 2.1 |