CVE-2026-8620

Published: Mag 26, 2026 Last Modified: Mag 26, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,5

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: changed

Confidentiality: high

Integrity: low

Availability: none

Description

AI Translation Available

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request.

444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Non-Repudiation Access Control

Potential Impacts:

Unexpected State Hide Activities Bypass Protection Mechanism

Applicable Platforms

Technologies: Web Based, Web Server

View CWE Details

https://www.ibm.com/support/pages/node/7274072

CVE-2026-8620

Description

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter