IBM InfoSphere Master Data Management is vulnerable to a cross-site scripting (XSS) Attack and could allow users to embed arbitrary JavaScript code in the Web UI and lead to disclosure of credentials.
CVE(s): CVE-2017-1199
Affected product(s) and affected version(s):
This vulnerability is known to affect the following offerings:
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hnzin1
X-Force Database: http://ift.tt/2f8z3vb
The post IBM Security Bulletin: IBM InfoSphere Master Data Management Server is vulnerable to cross-site scripting (XSS) Attack (CVE-2017-1199) appeared first on IBM PSIRT Blog.
| Affected IBM InfoSphere Master Data Management Server | Affected Versions |
| IBM InfoSphere Master Data Management Server | 10.1 |
| IBM InfoSphere Master Data Management Server | 11.0 |
| IBM InfoSphere Master Data Management Server | 11.3 |
| IBM InfoSphere Master Data Management Server | 11.4 |
| IBM InfoSphere Master Data Management Server | 11.5 |
| IBM InfoSphere Master Data Management Server | 11.6 |
from IBM Product Security Incident Response Team http://ift.tt/2hnT1D9
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.