IBM WebSphere Application Server Hit by Critical XSS and Path Traversal Vulnerabilities
ID: 95deb6fe-541b-5293-81c7-a9f3b4cb5e81
STIX ID: report--95deb6fe-541b-5293-81c7-a9f3b4cb5e81
Feed Name: GBHackers
IBM disclosed multiple vulnerabilities in WebSphere Application Server (versions 8.5 and 9.0): two critical XSS flaws (CVE-2026-11712, CVE-2026-11708, CVSS 9.3) in the administrative console help system and a path-traversal issue (CVE-2026-11595, CVSS 4.3). Exploitation could allow administrative session hijacking and unauthorized access to sensitive files; IBM recommends applying interim fixes or upgrading to specified fix packs and restricting administrative access while patches are applied.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
