Security Bulletin: IBM QRadar Incident Forensics is vulnerable to a cross site scripting attack. (CVE-2015-1995)

Summary Several locations in QRadar Incident Forensics could allow attackers to insert JavaScript thus modifying the UI functionality. Vulnerability Details CVE-ID: CVE-2015-1995 Description: IBM QRadar Incident Forensics is vulnerable to cross-site scripting, caused by improper validation of...

Security Bulletin: IBM QRadar SIEM is vulnerable to Cross Site Scripting attacks. (CVE-2015-1995)

Summary Several locations in the QRadar Console allow attackers to insert JavaScript thus modifying the UI functionality. Vulnerability Details CVE-ID: CVE-2015-1995 Description: IBM QRadar is vulnerable to cross-site scripting, caused by improper validation of user supplied input. A remote...

CVE-2015-1995

IBM QRadar Incident Forensics 7.2.x (pre-7.2.5 Patch 5) is affected by cross-site scripting via specially crafted URLs, enabling remote attackers to inject arbitrary script/HTML. Root cause: improper input validation in the UI paths; impact includes potential cookie-based credential exposure. Rem...

CVE-2015-1995

Multiple cross-site scripting XSS vulnerabilities in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allow remote attackers to inject arbitrary web script or HTML via a crafted URL...