4 matches found
CVE-2024-1606
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled b...
CVE-2024-1606 HTML injection in BMC Control-M
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled b...
CVE-2024-1606 HTML injection in BMC Control-M
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled b...
CVE-2024-1606
CVE-2024-1606 describes a lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 that allows logged-in users to manipulate generated web pages by injecting HTML code, potentially enabling phishing via malicious links. The issue affects the web/UI layer and is caused by insufficien...