3 matches found
Security Bulletin: IBM QRadar SIEM contains vulnerable components and libraries. (CVE-2015-0176, CVE-2016-0379, CVE-2016-3052)
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2015-0176 DESCRIPTION: IBM WebSphere MQ is vulnerable to reflected cross-site scripting, caused by improper validation of...
Security Bulletin: IBM WebSphere MQ XR WebSockets listener is vulnerable to reflected cross-site scripting (CVE-2015-0176)
Summary MQ XR WebSockets Listener does not properly sanitize URI in error response which could be used in a reflected cross-site scripting attack. Vulnerability Details CVEID: CVE-2015-0176 DESCRIPTION: IBM WebSphere MQ is vulnerable to reflected cross-site scripting, caused by improper validatio...
CVE-2015-0176
CVE-2015-0176 describes a reflected cross-site scripting (XSS) vulnerability in the IBM WebSphere MQ XR WebSockets Listener. According to IBM and NVD sources, the issue arises from improper validation/sanitation of user-supplied input in the URI, which can be included in an error response and cau...