CNNVD-202508-1269 Information
CNNVD ID
CNNVD-202508-1269
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
IBM WebSphere Application Server Liberty是美国国际商业机器(IBM)公司的一款构建于Open Liberty项目之上的Java应用程序服务器。 IBM WebSphere Application Server Liberty 17.0.0.3至25.0.0.8版本存在跨站脚本漏洞,该漏洞源于存储型跨站脚本,可能导致凭据泄露。
Description (English)
IBM WebSphere Application Server Liberty is a Java application server built on the Open Liberty project by the United States International Business Machine (IBM). Versions 170.0.3 to 25.0.0.8 of IBM WebSphere Application Service 17.0.0.3 to 25.0.0.8 contain a cross-site script loophole, which originates from a storage-type cross-site script and may lead to a leak of evidence.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
国际商业机器
Published
2025-08-12
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7242026 https://access.redhat.com/security/cve/cve-2025-36000
Patch
https://www.ibm.com/support/pages/node/7242026
Share on: