There is a cross-site scripting vulnerability in the OAuth, OpenID Connect and SAML features. This has been addressed.
Affected product(s) and affected version(s):
Affected Product(s) | Version(s) |
WebSphere Application Server Liberty | 17.0.0.3 – 20.0.0.3 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6147195
The post Security Bulletin: WebSphere Application Server Liberty is vulnerable to Cross-site Scripting (CVE-2020-4303, CVE-2020-4304) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2UV4Cda
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.