Ibm: >> Websphere Application Server >> 9.0.0.7 Security Vulnerabilities
IBM WebSphere Application Server 9 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 137031.
CVSS Score
5.3
EPSS Score
0.005
Published
2018-03-22
Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
CVSS Score
4.3
EPSS Score
0.002
Published
2010-05-27
Page 8