IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A cross-site scripting vulnerability exists in IBM Security Guardium versions 11.3, 11.4, and 11.5, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to embed arbitrary JavaScript code in the Web UI.
CPE | Name | Operator | Version |
---|---|---|---|
ibm security guardium | eq | 11.3 | |
ibm security guardium | eq | 11.4 | |
ibm security guardium | eq | 11.5 |