Описание
IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ibm:watsonx.data:2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00045
Низкий
5.5 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.5
github
5 месяцев назад
IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
EPSS
Процентиль: 14%
0.00045
Низкий
5.5 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-79