← back
CVE-2015-7417

CVE-2015-7417

EPSS 1.1%
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 7.0 before 7.0.0.41, 8.0 before 8.0.0.12, and 8.5 before 8.5.5.9 allows remote authenticated users to inject arbitrary web script or HTML via crafted data from an OAuth provider.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PI49272http://www-01.ibm.com/support/docview.wss?uid=swg21974520http://www.securityfocus.com/bid/81738http://www.securitytracker.com/id/1034783