IBM WebSphere Application Server 8.5.0.0 < 8.5.5.24, 9.0.0.0 < 9.0.5.16 XSS (6986333)

Version 1.2

May 5, 2023, 2:01 PM

CVSS metrics ("CVSSv2 score" changed from 3.5 to 6.4. "CVSSv2 score" changed from 3.5 to 6.4. "CVSSv3 score" changed from 5.4 to 6.1. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv3 score" changed from 5.4 to 6.1. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N". "CVSSv3 score" changed from 5.4 to 6.1)
CVSSv2 severity (based on CVE-2023-24966, severity increased from "Low" to "Medium")
CVSSv3 score source (set to "CVE-2023-24966")
Exploit attributes ("Exploit available" set to "False")