Authors: Created by IBM


IBM WebSphere Application Server is affected by a cross-site request forgery vulnerability when using the Administrative Console. CVEID:  CVE-2026-8408[1]
DESCRIPTION:  IBM WebSphere Application Server is affected by a cross-site request forgery, caused by improper validation of user-supplied input to the Administrative Console.By persuading an authenticated, privileged user to visit a malicious URL during a limited timing window, a remote attacker could send a specially-crafted request...

Just published by IBM: Read more