IBM QRadar Network Security Cross-Site Scripting Vulnerability (CNVD-2021-88187)

IBM QRadar Network Security is a network security manager from IBM, USA. used to provide better visibility and control over activities and users on the network, while using deep packet inspection, heuristics and behavior-based analysis to detect and prevent advanced threats.A cross-site scripting vulnerability exists in IBM QRadar Network Security versions 5.4.0 and 5.5.0. The vulnerability stems from the fact that IBM QRadar Network Security is vulnerable to cross-site scripting attacks. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality and result in credential disclosure in a trusted session.