Vulnerabilities > IBM > Websphere Commerce > 9.0.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-13 | CVE-2018-1808 | Code Injection vulnerability in IBM Websphere Commerce IBM WebSphere Commerce 9.0.0.0 through 9.0.0.6 could allow some server-side code injection due to inadequate input control. | 8.8 |
| 2018-10-24 | CVE-2018-1541 | Cross-site Scripting vulnerability in IBM Websphere Commerce IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. | 5.4 |