2 matches found
CVE-2020-4895
IBM Emptoris Sourcing (Emptoris Strategic Supply Management) versions 10.1.0.x, 10.1.1.x and 10.1.3.x are affected by a stored cross-site scripting vulnerability in the Web UI. The issue allows an attacker to embed arbitrary JavaScript in the UI, potentially leading to credential disclosure withi...
Security Bulletin: Stored Cross-Site Scripting Vulnerability Affects IBM Emptoris Sourcing (CVE-2020-4895)
Summary Cross-Site Scripting Stored affects IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2020-4895 DESCRIPTION: IBM Emptoris is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...