3 matches found
CVE-2020-8339
The CVE-2020-8339 XSSI vulnerability affects the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to firmware 3.68n. An authenticated user can have credentials disclosed if lured to a malicious site (phishing) due to XSSI in AMM’s web UI; the JavaScript executes in the ...
CVE-2020-8339
A cross-site scripting inclusion XSSI vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module AMM web interface prior to version 3.68n BPET68N. This vulnerability could allow an authenticated user's AMM credentials to be disclosed if the user is convinced to visit a...
CVE-2016-6348
It was found that in some configurations the JacksonJsonpInterceptor is activated by default in RESTEasy. An attacker could use this flaw to launch a Cross Site Scripting Inclusion attack...