Vulnerabilities
Vulnerable Software
Ibm:  >> Websphere Application Server  Security Vulnerabilities
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability.
CVSS Score
7.4
EPSS Score
0.004
Published
2026-06-30
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console.
CVSS Score
8.5
EPSS Score
0.003
Published
2026-06-30
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the apiDiscovery-1.0 feature enabled.
CVSS Score
8.5
EPSS Score
0.002
Published
2026-06-30
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled.
CVSS Score
7.2
EPSS Score
0.005
Published
2026-06-30
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled.
CVSS Score
7.1
EPSS Score
0.002
Published
2026-06-30
IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information from the administrative console's integrated help system.
CVSS Score
4.3
EPSS Score
0.005
Published
2026-06-30
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system.
CVSS Score
9.3
EPSS Score
0.002
Published
2026-06-30
IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system.
CVSS Score
9.3
EPSS Score
0.002
Published
2026-06-30
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery (SSRF) with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure.
CVSS Score
7.4
EPSS Score
0.002
Published
2026-06-22
IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
CVSS Score
7.5
EPSS Score
0.003
Published
2026-06-22


Contact Us

Shodan ® - All rights reserved