Описание
IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ibm:cics_tx:10.1:*:*:*:advanced:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:advanced:*:*:*
cpe:2.3:a:ibm:cics_tx:11.1.0.0:-:*:*:standard:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00209
Низкий
7.2 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 7.2
github
около 1 года назад
IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
EPSS
Процентиль: 43%
0.00209
Низкий
7.2 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79