Security Bulletin: IBM Workload Scheduler potentially vulnerable to cross site scripting

Summary Dynamic Workload Console for IBM Workload Scheduler is potentially affected by cross site vulnerability: after loginit is possible to modify one of the outgoing requests in this loading process and obtain a response that generates an alert in the browser, using both HTTP methods, GET and...

CVE-2020-4380

IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179160...

CVE-2020-4380

CVE-2020-4380 affects IBM Workload Scheduler (Dynamic Workload Console) 9.3.0.4 and earlier. The issue is a cross-site scripting (XSS) vulnerability in the Web UI that can cause arbitrary JavaScript execution within a trusted session, potentially enabling credential disclosure. IBM’s bulletin not...

IBM Workload Scheduler Cross-Site Scripting Vulnerability

IBM Workload Scheduler is a suite of enterprise task scheduling software from IBM in the United States. The software automates the control of workloads. A cross-site scripting vulnerability exists in IBM Workload Scheduler 9.3.0.4 and earlier versions. An attacker can exploit this vulnerability t...