Описание
IBM Security Identity Manager 6.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153748.
Ссылки
- Third Party Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
- Third Party Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
IBM Security Identity Manager 6.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153748.
Уязвимость программного обеспечения IBM Security Identity Manager, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю выполнить произвольный код
EPSS
6.1 Medium
CVSS3
4.3 Medium
CVSS2