|Category:||Information Leak / Disclosure|
Published on 18/12/14 - Updated on 08/09/17
IBM WebSphere Application Server 8.0.x before 184.108.40.206 and 8.5.x before 220.127.116.11 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
No exploits available for this CVE in our database.