IBM WebSphere Application Server is an application server product. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. An entity injection vulnerability exists in IBM WebSphere Application Server. The vulnerability is due to the susceptibility of the affected version to XML External Entity Injection (XXE) attacks when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CPE | Name | Operator | Version |
---|---|---|---|
ibm websphere application server >=8.5.0.0,<8. | eq | 5.5.24 | |
ibm websphere application server >=9.0.0.0,<9. | eq | 0.5.16 |