IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an malicious user to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere_application_server |