SymmetricalDataSecurity: IBM Security Bulletin: IBM B2B Advanced Communications is vulnerable to cross-site scripting due to the vulnerability of 10x (CVE-2016-5892)

Sunday, October 2, 2016

IBM Security Bulletin: IBM B2B Advanced Communications is vulnerable to cross-site scripting due to the vulnerability of 10x (CVE-2016-5892)

IBM B2B Advanced Communications is vulnerable to cross-site scripting due to the vulnerability of 10x. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session.

CVE(s): CVE-2016-5892

Affected product(s) and affected version(s):

IBM Multi-Enterprise Integration Gateway 1.0 – 1.0.0.1

IBM B2B Advanced Communications 1.0.0.2 – 1.0.0.5_1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2dR5OeM
X-Force Database: http://ift.tt/2dmYpAV

from IBM Product Security Incident Response Team http://ift.tt/2dR4KY4

SymmetricalDataSecurity

Sunday, October 2, 2016

IBM Security Bulletin: IBM B2B Advanced Communications is vulnerable to cross-site scripting due to the vulnerability of 10x (CVE-2016-5892)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews