CVE-2024-27270
published 2024-03-27CVE-2024-27270: IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | websphere_application_server | >= 23.0.0.3 < 24.0.0.4 | 24.0.0.4 |
| ibm | websphere_application_server_liberty | 23.0.0.3 – 24.0.0.3 | — |