Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMA48ADDF9899AB448105F32C12994F7EA922B37508ADD048389980EDDF8728CD7
HistoryDec 14, 2020 - 6:31 p.m.

Security Bulletin: A security vulnerability in angular.js affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service.

2020-12-1418:31:49
www.ibm.com
12

0.002 Low

EPSS

Percentile

51.9%

JSON

Summary

A security vulnerability in angular.js affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service.

Vulnerability Details

CVEID:CVE-2020-7676
**DESCRIPTION:**angular.js is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/183379 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Cloud Pak for Multicloud Management 2.0

Remediation/Fixes

Upgrade to IBM Cloud Pak for Multicloud Management 2.1 by following the instructions in <https://www.ibm.com/support/knowledgecenter/en/SSFC4F_2.1.0/install/upgrade.html&gt;.

Workarounds and Mitigations

None

Related

ibm 15
debiancve 1
prion 1
f5 1
redhatcve 1
cvelist 1
github 1
veracode 1
osv 2
nvd 1
githubexploit 1
ubuntucve 1
cve 1
nessus 3
redhat 7
ibm
ibm
Security Bulletin: A cross-site scripting vulnerability in Angular.js affects IBM InfoSphere Information Server
2021-06-17 23:04:52
Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability (CVE-2020-7676)
2021-01-06 13:23:25
Security Bulletin: IBM Security Verify Information Queue uses a Node.js package with a cross-site scripting vulnerability (CVE-2020-7676)
2021-02-10 16:50:25
debiancve
debiancve
CVE-2020-7676
2020-06-08 14:15:13
prion
prion
Cross site scripting
2020-06-08 14:15:00
f5
f5
K32412075 : AngularJS XSS vulnerability CVE-2020-7676
2021-07-23 00:00:00
redhatcve
redhatcve
CVE-2020-7676
2020-06-19 20:29:14
cvelist
cvelist
CVE-2020-7676
2020-06-08 13:34:09
github
github
Cross site scripting in Angular
2020-06-18 14:19:58
veracode
veracode
Cross-site Scripting (XSS)
2020-06-09 02:33:32
osv
osv
CVE-2020-7676
2020-06-08 14:15:13
Cross site scripting in Angular
2020-06-18 14:19:58
nvd
nvd
CVE-2020-7676
2020-06-08 14:15:13
githubexploit
githubexploit
Exploit for Cross-site Scripting in Angularjs Angular.Js
2020-12-01 09:45:48
ubuntucve
ubuntucve
CVE-2020-7676
2020-06-08 00:00:00
cve
cve
CVE-2020-7676
2020-06-08 14:15:13
nessus
nessus
RHEL 7 : Red Hat Single Sign-On 7.4.6 security update on RHEL 7 (Low) (RHSA-2021:0968)
2021-03-23 00:00:00
RHEL 8 : Red Hat Single Sign-On 7.4.6 security update on RHEL 8 (Low) (RHSA-2021:0969)
2021-03-23 00:00:00
RHEL 6 : Red Hat Single Sign-On 7.4.6 security update on RHEL 6 (Low) (RHSA-2021:0967)
2021-03-23 00:00:00
redhat
redhat
(RHSA-2021:0967) Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 6
2021-03-23 13:38:50
(RHSA-2021:0968) Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 7
2021-03-23 13:38:56
(RHSA-2021:0969) Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 8
2021-03-23 13:39:03

0.002 Low

EPSS

Percentile

51.9%

JSON
Related for A48ADDF9899AB448105F32C12994F7EA922B37508ADD048389980EDDF8728CD7
ibm15debiancve1prion1f51redhatcve1cvelist1github1veracode1osv2nvd1githubexploit1ubuntucve1cve1nessus3redhat7