CVE-2017-1500
IBM Worklight/MobileFirst Platform Foundation is affected by CVE-2017-1500: a Reflected XSS in the RESTful Web Api authorization function where the scope parameter can reflect arbitrary JavaScript if a realm not defined in authenticationConfig.xml is used, potentially enabling credential disclosu...