Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM73ADDE18DBD536B3EA9404B1DEE4E459D723E8E3CBF5A0B1E0CB1E92CBAAE990
HistoryApr 02, 2021 - 3:43 a.m.

Security Bulletin: Cross-site scripting vulnerability affects IBM Edge (CVE-2020-4792)

2021-04-0203:43:23
www.ibm.com
7
ibm edge
cross-site scripting
vulnerability
resolved
docker images
ibm entitled registry

EPSS

0.001

Percentile

19.6%

JSON

Summary

IBM Edge is affected by a cross-site scripting vulnerability. IBM Edge has resolved the vulnerability.

Vulnerability Details

CVEID:CVE-2020-4792
**DESCRIPTION:**IBM Edge is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/189441 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Edge 4.2

Remediation/Fixes

The fix/upgrade is a set of docker images, that will automatically be pulled and deployed from both dockerhub and the IBM Entitled Registry

Workarounds and Mitigations

None

Related

cvelist 1
prion 1
cve 1
nvd 1
cvelist
cvelist
CVE-2020-4792
2021-04-05 16:20:16
prion
prion
Cross site scripting
2021-04-05 17:15:00
cve
cve
CVE-2020-4792
2021-04-05 17:15:12
nvd
nvd
CVE-2020-4792
2021-04-05 17:15:12

EPSS

0.001

Percentile

19.6%

JSON
Related for 73ADDE18DBD536B3EA9404B1DEE4E459D723E8E3CBF5A0B1E0CB1E92CBAAE990
cvelist1prion1cve1nvd1