Lucene search

PRIOn knowledge basePRION:CVE-2023-28529

HistoryMay 19, 2023 - 4:15 p.m.

Cross site scripting

2023-05-1916:15:00

PRIOn knowledge base

www.prio-n.com

cross site scripting

stored

web ui

credentials disclosure

ibm infosphere

ibm x-force

nvd

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.2%

JSON

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251213.

CPENameOperatorVersion
infosphere_information_servereq11.7

CPE	Name	Operator	Version
	infosphere_information_server	eq	11.7

References

exchange.xforce.ibmcloud.com/vulnerabilities/251213

www.ibm.com/support/pages/node/6988675