Tuesday, March 31, 2020

Security Bulletin: WebSphere Application Server Liberty is vulnerable to Cross-site Scripting (CVE-2020-4303, CVE-2020-4304)

There is a cross-site scripting vulnerability in the OAuth, OpenID Connect and SAML features. This has been addressed.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
WebSphere Application Server Liberty 17.0.0.3 – 20.0.0.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6147195

The post Security Bulletin: WebSphere Application Server Liberty is vulnerable to Cross-site Scripting (CVE-2020-4303, CVE-2020-4304) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2UV4Cda
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)