Tuesday, March 31, 2020

Security Bulletin: Vulnerability in jQuery affects IBM Tririga Application Platform (CVE-2019-11358)

Mar 31, 2020 8:01 pm EDT

Categorized: Medium Severity

Share this post:

jQuery used by IBM Tririga Application Platform is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim’s Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM TRIRIGA Application Platform 3.5.3
IBM TRIRIGA Application Platform 3.6.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6147993



from IBM Product Security Incident Response Team https://ift.tt/2wRWbYe

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.