2 matches found
Security Bulletin: TRIRIGA Application Platform Cross Site Scripting Vulnerabilities. (CVE-2014-8893)
Summary IBM TRIRIGA Application Platform is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the...
CVE-2014-8893
CVE-2014-8893 has concrete details in IBM TRIRIGA Application Platform: XSS in mainpage.jsp and GetImageServlet.img affecting versions 3.2.1.x, 3.3.2.x (≤3.3.2.2) and 3.4.1.x (≤3.4.1.1). Root cause is improper input validation allowing remote authenticated users to inject script via crafted URLs,...