3 matches found
CVE-2021-20405
creationtimestamp| type| source ---|---|--- 2021-02-11 20:42:58+00:00| seen| https://t.me/cibsecurity/23463...
CVE-2021-20405
CVE-2021-20405 affects IBM Security Verify Information Queue (ISIQ) versions 1.0.6 and 1.0.7. The root cause is improper encoding of output in web error/message handling, which could allow a user to perform unauthorized activities or disclose information via improperly encoded responses. IBM’s bu...
Security Bulletin: IBM Security Verify Information Queue does not properly encode error messages sent to web users (CVE-2021-20405)
Summary When an error occurs while using the IBM Security Verify Information Queue ISIQ web application, the status messages sent back to the user are not properly encoded. This could lead to information disclosure, which could then be leveraged in a phishing attack. As of v10.0.0, the ISIQ web...