Cross site scripting

2014-02-0115:55:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted text value.

CPENameOperatorVersion
financial_transaction_managereq2.0.0.2
financial_transaction_managereq2.0.0.0
financial_transaction_managereq2.0.0.1

Name	Operator	Version
financial_transaction_manager	eq	2.0.0.2
financial_transaction_manager	eq	2.0.0.0
financial_transaction_manager	eq	2.0.0.1

References

www-01.ibm.com/support/docview.wss?uid=swg21662714

exchange.xforce.ibmcloud.com/vulnerabilities/90586