IBM WebSphere Application Server ND 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
CVEID:CVE-2020-4575
**DESCRIPTION:**IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
CVSS Base score: 4.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/184363 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
InfoSphere Master Data Management | 11.6 |
Principal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin |
---|---|---|
IBM InfoSphere Master Data Management 11.6 | ||
IBM WebSphere Application Server versions 9.0. |
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | infosphere_master_data_management | 11.6 | cpe:2.3:a:ibm:infosphere_master_data_management:11.6:*:*:*:*:*:*:* |