Lucene search
China National Vulnerability DatabaseCNVD-2022-85422HistoryJul 21, 2022 - 12:00 a.m.
IBM Sterling Partner Engagement Manager Cross-Site Scripting Vulnerability
2022-07-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
ibm sterling partner engagement manager
cross-site scripting
vulnerability
data validation filtering
javascript code
injection
credential disclosure
trusted session
EPSS
0.001
Percentile
19.6%
A cross-site scripting vulnerability exists in IBM Sterling Partner Engagement Manager, an automation management tool from IBM. IBM Sterling Partner Engagement Manager stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI to alter the intended functionality, potentially leading to credential disclosure in a trusted session.
Related
cvelist
cvelist
CVE-2022-22417
2022-07-19 16:25:23
nvd
nvd
CVE-2022-22417
2022-07-19 17:15:08
cve
cve
CVE-2022-22417
2022-07-19 17:15:08
ibm
ibm
prion
prion
Cross site scripting
2022-07-19 17:15:00