PT-2026-53985 · Ibm · Ibm Websphere Application Server

Published

2026-06-30

·

Updated

2026-06-30

·

CVE-2026-11594

CVSS v3.1

8.5

High

VectorAV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server version 9.0 IBM WebSphere Application Server version 8.5
Description The administrative console contains a cross-site scripting (XSS) flaw, which occurs when an application includes untrusted data in a web page without proper validation or escaping, allowing a malicious script to execute in the victim's browser.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-11594

Affected Products

Ibm Websphere Application Server