Vulnerabilities > IBM > Websphere Commerce > 8.0.3.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-24 | CVE-2018-1541 | Cross-site Scripting vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. | 5.4 |
| 2018-08-27 | CVE-2018-1644 | Information Exposure vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user. | 4.3 |