|Category:||Information Leak / Disclosure|
Published on 18/12/14 - Updated on 08/09/17
IBM WebSphere Application Server 8.0.x before 22.214.171.124 and 8.5.x before 126.96.36.199 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
No exploits available for this CVE in our database.