Design/Logic Flaw

2018-08-2211:29:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 143744.

CPENameOperatorVersion
api_connectge5.0.0.0
api_connectle5.0.8.3
api_connectge2018.1
api_connectle2018.3.4

Name	Operator	Version
api_connect	ge	5.0.0.0
api_connect	le	5.0.8.3
api_connect	ge	2018.1
api_connect	le	2018.3.4

References

www.ibm.com/support/docview.wss?uid=swg22016672

exchange.xforce.ibmcloud.com/vulnerabilities/143744