IBM WebSphere Application Server 8.0.x prior to 8.0.0.10 and 8.5.x prior to 8.5.5.4 allows remote malicious users to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 8.0.0.7 |
||
ibm websphere application server 8.0.0.8 |
||
ibm websphere application server 8.5.5.2 |
||
ibm websphere application server 8.5.5.3 |
||
ibm websphere application server 8.0.0.0 |
||
ibm websphere application server 8.0.0.1 |
||
ibm websphere application server 8.0.0.2 |
||
ibm websphere application server 8.0.0.9 |
||
ibm websphere application server 8.5.0.0 |
||
ibm websphere application server 8.0.0.3 |
||
ibm websphere application server 8.0.0.4 |
||
ibm websphere application server 8.5.0.1 |
||
ibm websphere application server 8.5.0.2 |
||
ibm websphere application server 8.0.0.5 |
||
ibm websphere application server 8.0.0.6 |
||
ibm websphere application server 8.5.5.0 |
||
ibm websphere application server 8.5.5.1 |