Lucene search
China National Vulnerability DatabaseCNVD-2023-66735HistoryAug 29, 2023 - 12:00 a.m.
IBM Security Guardium Cross-Site Scripting Vulnerability (CNVD-2023-66735)
2023-08-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
ibm
security guardium
cross-site scripting
vulnerability
data protection
javascript
web ui
ibm security guardium 11.3
ibm security guardium 11.4
ibm security guardium 11.5
international business machines
0.0004 Low
EPSS
Percentile
13.1%
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A cross-site scripting vulnerability exists in IBM Security Guardium versions 11.3, 11.4, and 11.5, which stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to embed arbitrary JavaScript code in the Web UI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security guardium | eq | 11.3 | |
| ibm security guardium | eq | 11.4 | |
| ibm security guardium | eq | 11.5 |
Related
cvelist
cvelist
CVE-2023-30435 IBM Security Guardium cross-site scripting
2023-08-27 22:18:31
cve
cve
CVE-2023-30435
2023-08-27 23:15:33
nvd
nvd
CVE-2023-30435
2023-08-27 23:15:33
prion
prion
Cross site scripting
2023-08-27 23:15:00
