2 matches found
CVE-2019-4482
IBM Emptoris Spend Analysis versions 10.1.0–10.1.3 are vulnerable to cross-site scripting (CVE-2019-4482), allowing arbitrary JavaScript in the Web UI and potentially exposing credentials within a trusted session. CVSS v3 base score 5.4 (network attack, low complexity, user interaction required)....
Security Bulletin: Cross-site Scripting Affects IBM Emptoris Spend Analysis (CVE-2019-4482)
Summary Cross-site Scripting affects IBM Emptoris Spend Analysis. Vulnerability Details CVEID: CVE-2019-4482 DESCRIPTION: IBM Emptoris Spend Analysis is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...