3 matches found
Security Bulletin: Security Vulnerability affecting FileNet Content Manager and IBM Content Foundation (CVE-2013-5462)
Summary A "Clickjacking" security vulnerability affects the IBM Content Navigator toolkit which is used by the Administration Console for Content Engine ACCE tool. This tool is packaged with both the FileNet Content Manager and IBM Content Foundation products. The Administration Console for Conte...
Security Bulletin: IBM Business Process Manager (BPM) document store is affected by clickjacking vulnerability in administrative tool for BPM document store (CVE-2013-5462)
Summary A clickjacking vulnerability has been reported for the administrative tool ACCE of the embedded component used by IBM BPM document store. Vulnerability Details CVEID: CVE-2013-5462 DESCRIPTION: The IBM Content Navigator application URL can be opened within a frame in a Web page. In this...
CVE-2013-5462
CVE-2013-5462 affects IBM Content Navigator (and its toolkit) versions 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001. The vulnerability allows clickjacking by loading the Content Navigator URL in a frame (header.jsp header) to capture user input such as credentials. IB...