Cross site scripting

2019-05-2018:29:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155885.

CPENameOperatorVersion
bigfix_platformge9.5
bigfix_platformle9.5.12
bigfix_platformge9.2
bigfix_platformle9.2.17

Name	Operator	Version
bigfix_platform	ge	9.5
bigfix_platform	le	9.5.12
bigfix_platform	ge	9.2
bigfix_platform	le	9.2.17

References

exchange.xforce.ibmcloud.com/vulnerabilities/155885

www.ibm.com/support/docview.wss?uid=ibm10881996