Vulnerabilities > IBM > Websphere Extreme Scale > 8.6.1.1

DATE CVE VULNERABILITY TITLE RISK
2021-01-06 CVE-2020-4336 Information Exposure vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL parameters.
network
low complexity
ibm CWE-200
5.0
2019-09-30 CVE-2019-4115 Cross-site Scripting vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-09-30 CVE-2019-4112 Improper Privilege Management vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-269
3.3
2019-09-30 CVE-2019-4109 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
6.1
2019-09-30 CVE-2019-4106 Cross-site Scripting vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
4.8