Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to weak TLS security, cross-site scripting, denial of service, and a server-side request forgery due to multiple vulnerabilities.

​IBM WebSphere Application Server Liberty for IBM i is vulnerable weaker than expected TLS security [CVE-2023-50312], cross-site scripting with JavaScript code [CVE-2024-27270], and sending specially crated requests to cause denial of service [CVE-2024-25026, CVE-2024-27268, CVE-2024-22353] and a server-side request forgery [CVE-2024-22329] as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerabilities as described in the remediation/fixes section. Read More