CVE-2021-39038
published 2022-02-24CVE-2021-39038: IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 213968.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_application_server | — | — |
| ibm | websphere_application_server | 17.0.0.3 – 22.0.0.2 | — |
| ibm | websphere_application_server | >= 9.0.0.0 < 9.0.5.12 | 9.0.5.12 |
| ibm | websphere_application_server_liberty | — | — |
| ibm | websphere_application_server_liberty | — | — |