Known Vulnerabilities
CVE-2020-4229
IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session. IBM X-Force ID: 175211.
MEDIUM
CVSS 5.6
Published Jun 05, 2020
CVE-2020-4226
IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 175207.
MEDIUM
CVSS 5.9
Published May 27, 2020