IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, allows remote malicious users to bypass authentication via a modified pnl parameter, related to hod/HODAdmin.html and hod/frameset.html.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere host on-demand 8.0 |
||
ibm websphere host on-demand 9.0 |
||
ibm websphere host on-demand 6.0 |
||
ibm websphere host on-demand 7.0 |