Authors: Created by IBM

IBM WebSphere Application Server is vulnerable to clickjacking when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, apiDiscovery-1.0, openapi-3.0 or openapi-3.1.This has been addressed. CVEID:  CVE-2021-39038^[1]
DESCRIPTION:  IBM WebSphere Application Server could allow a remote attacker to hijack the clicking action of the...

Just published by IBM: Read more

Authors: Created by IBM

PH43760 resolves the following problem:ERROR DESCRIPTION:
IBM WebSphere Application Server is vulnerable to Clickjacking (CVE-2021-39038)  The APAR for this issue that applies to WebSphere Liberty isPH43223^[1]. PROBLEM SUMMARY:
IBM WebSphere Application Server is vulnerable to Clickjacking (CVE-2021-39038) PROBLEM CONCLUSION:
Confidential...

Just published by IBM: Read more

Authors: Created by IBM

WebSphere Liberty is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8) PH43817 resolves the following problem: ERROR DESCRIPTION: WebSphere Liberty is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8) PROBLEM SUMMARY: WebSphere Liberty...

Just published by IBM: Read more

Authors: Created by IBM

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more

Authors: Created by IBM

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more