IBM Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability ( CVE-2018-1429).

IBM MQ Appliance has addressed a Web UI cross-site scripting vulnerability.

CVE(s): CVE-2018-1429

Affected product(s) and affected version(s):

IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release

Continuous delivery updates between 9.0.1 and 9.0.4

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22014046
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139077

The post IBM Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability ( CVE-2018-1429). appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2FTQJY1