IBM Security Bulletin: IBM Content Navigator Cross Site Scripting Vulnerability

This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session.

CVE(s): CVE-2017-1146

Affected product(s) and affected version(s):

IBM Content Navigator versions 2.0.3
IBM Content Navigator versions 3.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2nevd2D
X-Force Database: http://ift.tt/2mlNAor

The post IBM Security Bulletin: IBM Content Navigator Cross Site Scripting Vulnerability appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2nerj9M