CVE-2019-4285

State: PUBLISHED · Published: 2019-07-30 · Updated: 2024-09-16 · Assigner: ibm

Description

IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513.

CWE

(none)

Affected

IBM / WebSphere Application Server — v=Liberty [affected]

CVSS

3.0 score=5.4 severity=MEDIUM CVSS:3.0/AC:L/PR:L/I:L/UI:R/AV:N/C:L/S:C/A:N/RC:C/RL:O/E:U

References

https://www.ibm.com/support/docview.wss?uid=ibm10884064 x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/160513 vdb-entry, x_refsource_XF

Source

cvelistV5-main/cves/2019/4xxx/CVE-2019-4285.json