IBM WebSphere Application Server is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user and gain access to the affected application other attacks are also possible. IBM WebSphere Application Server versions prior to 184.108.40.206 are vulnerable other versions may also be affected.
Vendor fixes are available. Please see the references for more information.
- Apache HTTP Server Scoreboard Security Bypass Vulnerability (Windows)
- Apache Tomcat Session Fixation Vulnerability (Windows)
- IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability
- iWeb Server URL Directory Traversal Vulnerability
- CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability