CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the default_create.log file that is associated with profile creation by the BBOWWPFx job and the zPMT. | 5 |
|||
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows attackers to perform unspecified "link injection" actions via unknown vectors. | 7.5 |
|||
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related in part to "URL injection." | 4.3 |
|||
Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.9 on z/OS have unknown impact and attack vectors. | 7.5 |
|||
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors. | 7.8 |