2 matches found
Security Bulletin: In IBM InfoSphere Information Server, the Information Services Catalog interface is vulnerable to various web UI vulnerabilities (CVE-2013-3034, CVE-2013-4057, CVE-2013-4059, CVE-2012-4819)
Summary The Information Services Catalog interface of the IBM InfoSphere Information Server web console is exposed to various well known web UI vulnerabilities: phishing through frames, cacheable SSL pages, link injection, cross-site request forgery and cross-site scripting. Vulnerability Details...
CVE-2013-3034
IBM InfoSphere Information Server contains a cross-site scripting (XSS) vulnerability (CVE-2013-3034) in the web console. The issue affects multiple versions (e.g., 8.1, 8.5, 8.7, 9.1) and can allow remote authenticated users to inject arbitrary script via the web console URLs. IBM’s bulletins sp...