Authors: Created by IBM

IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console.This has been addressed in the remediation section. CVEID:  CVE-2023-26283^[1]
DESCRIPTION:  IBM WebSphere Application Server is vulnerable to cross-site scripting.This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score:5.4
...

Just published by IBM: Read more

Authors: Created by IBM

Customers installing WebSphere Application Server Developer Tools are encouraged to read all technotes before installation.The information on this page highlights key issues and related technical guidance for known issues with specific releases and environment configurations....

General known issues

Just published by IBM: Read more

Authors: Created by IBM

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available.You can track this item individually or track all items by product. Notify me when this APAR changes. Notify me when an APAR for...

Just published by IBM: Read more

Authors: Created by IBM

File link	File size	File description

...

Just published by IBM: Read more

Authors: Created by IBM

IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to HTTP request splitting when using mod_proxy or the Web Server Plug-in due to the included Apache HTTP Server.This has been addressed in the remediation section. CVEID:  CVE-2023-25690^[1]
DESCRIPTION:  Apache HTTP Server is vulnerable to HTTP request splitting attacks, caused by an error when mod_proxy is enabled along with some form of RewriteRule or...

Just published by IBM: Read more