Lucene search
China National Vulnerability DatabaseCNVD-2021-82417HistoryOct 11, 2021 - 12:00 a.m.
IBM Sterling Order Management Cross-Site Scripting Vulnerability (CNVD-2021-82417)
2021-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
29.9%
IBM Sterling Order Management is an order management system that allows companies to seamlessly synchronize and manage the entire lifecycle of orders.A cross-site scripting vulnerability exists in IBM Sterling Order Management versions 9.4, 9.5, and 10.0. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality, which could lead to credential disclosure in a trusted session.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm ibm sterling order management | eq | 9.4 | |
| ibm ibm sterling order management | eq | 9.5 | |
| ibm ibm sterling order management | eq | 10.0 |
Related
prion
prion
Cross site scripting
2021-09-30 17:15:00
cve
cve
CVE-2021-20554
2021-09-30 17:15:07
ibm
ibm
nvd
nvd
CVE-2021-20554
2021-09-30 17:15:07
cvelist
cvelist
CVE-2021-20554
2021-09-29 00:00:00