vulnerability
IBM WebSphere Application Server: CVE-2015-7417: Cross-site scripting vulnerability in IBM WebSphere Application Server (CVE-2015-7417)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Jan 23, 2016 | Apr 27, 2018 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Jan 23, 2016
Added
Apr 27, 2018
Modified
Aug 11, 2025
Description
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 7.0 before 7.0.0.41, 8.0 before 8.0.0.12, and 8.5 before 8.5.5.9 allows remote authenticated users to inject arbitrary web script or HTML via crafted data from an OAuth provider.
Solutions
ibm-was-install-7-0-0-0-pi49272ibm-was-install-8-0-0-0-pi49272ibm-was-install-8-5-0-0-pi49272ibm-was-install-8-5-0-0-pi49272-libertyibm-was-upgrade-7-0-0-0-7-0-0-41ibm-was-upgrade-8-0-0-0-8-0-0-12ibm-was-upgrade-8-5-0-0-8-5-5-9ibm-was-upgrade-8-5-0-0-8-5-5-9-liberty
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.