Cross site scripting

2023-06-0801:15:00

PRIOn knowledge base

www.prio-n.com

ibm

txseries

multiplatforms

cross-site scripting

web ui

credentials disclosure

0.001 Low

EPSS

Percentile

33.3%

JSON

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 257100.

CPENameOperatorVersion
cics_txeq10.1
cics_txeq11.1
cics_txeq11.1
txseries_for_multiplatformeq8.1
txseries_for_multiplatformge8.2
txseries_for_multiplatformlt8.2.0.2
txseries_for_multiplatformge9.1
txseries_for_multiplatformlt9.1.0.2

Name	Operator	Version
cics_tx	eq	10.1
cics_tx	eq	11.1
cics_tx	eq	11.1
txseries_for_multiplatform	eq	8.1
txseries_for_multiplatform	ge	8.2
txseries_for_multiplatform	lt	8.2.0.2
txseries_for_multiplatform	ge	9.1
txseries_for_multiplatform	lt	9.1.0.2