3 matches found
Security Bulletin: IBM DataPower Gateway vulnerable to XSS
Summary IBM has addressed the following CVEs Vulnerability Details CVEID:CVE-2022-32750 DESCRIPTION: IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to...
CVE-2022-31774
IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...
CVE-2022-31774
CVE-2022-31774 affects IBM DataPower Gateway. Vulnerable in Web UI where lack of data validation/filtering lets attackers embed arbitrary JavaScript, potentially disclosing credentials in a trusted session. Affected versions include 10.0.1.0–10.0.1.8, 10.0.2.0–10.0.4.0, 10.5.0.0, and 2018.4.1.0–2...