Cross site scripting

2021-01-0414:15:00

PRIOn knowledge base

www.prio-n.com

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390.

CPENameOperatorVersion
cloud_pak_systemge2.3.0.0
cloud_pak_systemlt2.3.3.3

CPE	Name	Operator	Version
	cloud_pak_system	ge	2.3.0.0
	cloud_pak_system	lt	2.3.3.3

References

exchange.xforce.ibmcloud.com/vulnerabilities/191390

www.ibm.com/support/pages/node/6393554