IBM WebSphere Commerce User Information Disclosure Vulnerability
WebSphere Commerce Versions 220.127.116.11 to 18.104.22.168
WebSphere Commerce Versions 22.214.171.124 to 126.96.36.199
A vulnerability in WebSphere Commerce could allow disclosure of user personal data.
A remote unauthenticated attacker could exploit a security vulnerability in WebSphere Commerce to expose user personal data. The attack can be performed manually and the effort required is comparatively low.
A vulnerability has been reported in WebSphere Commerce, which can be exploited by malicious people to gain knowledge of sensitive information.
Refer to IBM Security Bulletin 1612484 for patch, upgrade or suggested workaround information.