#VU75531 Cross-site scripting in IBM WebSphere Application Server - CVE-2023-24966


Vulnerability identifier: #VU75531

Vulnerability risk: Medium

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-24966

CWE-ID: CWE-79

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
IBM WebSphere Application Server
Server applications / Application servers

Vendor: IBM Corporation

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the Web UI. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

IBM WebSphere Application Server: 8.5 - 8.5.5.23, 9.0 - 9.0.5.14

External links
http://www.ibm.com/support/pages/node/6986333

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Cross-site scripting in IBM Workload Scheduler
Multiple vulnerabilities in IBM Tivoli Monitoring
Multiple vulnerabilities in IBM Engineering Lifecycle Engineering
IBM Operations Analytics Predictive Insights update for IBM WebSphere Application Server
Cross-site scripting in Jazz for Service Management (JazzSM)
Cross-site scripting in IBM Intelligent Operations Center
XSS in IBM WebSphere Remote Server
XSS in IBM Business Monitor
XSS in IBM WebSphere Application Server