IBM WebSphere Application Server z/OS Cross Site Scripting and Unspecified Vulnerabilities

IBM WebSphere Application Server z/OS Cross Site Scripting and Unspecified Vulnerabilities

IBM WebSphere Application Server for z/OS is prone to a cross-site scripting vulnerability and an unspecified vulnerability.

An attacker can exploit this issue to execute arbitrary script code within the context of the application and steal cookie-based authentication credentials. Other attacks are also possible.

IBM WebSphere Application Server versions prior to 7.0.0.21 are vulnerable.