Lucene search
China National Vulnerability DatabaseCNVD-2022-84077HistoryMar 16, 2022 - 12:00 a.m.
IBM Spectrum Copy Data Management Cross-Site Scripting Vulnerability (CNVD-2022-84077)
2022-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
38
ibm
spectrum
copy data management
cross-site scripting
vulnerability
data validation
filtering
web ui
javascript
credential leakage
EPSS
0.001
Percentile
19.6%
IBM Spectrum Copy Data Management is an implementation of International Business Machines Corporation (IBM) to modernize, simplify, and automate data center copy management processes.A cross-site scripting vulnerability exists in IBM Spectrum Copy Data Management versions 2.2.0.0 (inclusive) through 2.2.14.3 (inclusive), which stems from the program’s lack of data validation filtering of user-provided data and output. An attacker could exploit the vulnerability to allow a user to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality and potentially lead to credential leakage in trusted sessions.
Related
cvelist
cvelist
CVE-2021-39055
2022-03-14 16:45:19
prion
prion
Cross site scripting
2022-03-14 17:15:00
nvd
nvd
CVE-2021-39055
2022-03-14 17:15:07
cve
cve
CVE-2021-39055
2022-03-14 17:15:07
