The host is running IBM WebSphere Application Server and is prone to cross-site request forgery vulnerabilities.
Successful exploitation will allow remote users to gain sensitive information and conduct other malicious activities. Impact Level: Application
Apply the patch from vendor link, http://www-01.ibm.com/software/webservers/appserv/was/
The flaws are due to by improper validation of user-supplied input in the Global Security panel and master configuration save functionality. which allows attacker to force a logged-in administrator to perform unwanted actions.
IBM WebSphere Application Server (WAS) 188.8.131.52 and prior.
- IBM WebSphere Application Server (WAS) XSS and CSRF Vulnerabilities
- Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
- IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability
- IIS Service Pack - 404
- Codebrws.asp Source Disclosure Vulnerability