Cross site scripting

2019-11-0902:15:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163779.

CPENameOperatorVersion
qradar_security_information_and_event_managerge7.3.0
qradar_security_information_and_event_managerle7.3.1
qradar_security_information_and_event_managereq7.3.2
qradar_security_information_and_event_managereq7.3.2 p1
qradar_security_information_and_event_managereq7.3.2 p2
qradar_security_information_and_event_managereq7.3.2 p3
qradar_security_information_and_event_managereq7.3.2 p4

Name	Operator	Version
qradar_security_information_and_event_manager	ge	7.3.0
qradar_security_information_and_event_manager	le	7.3.1
qradar_security_information_and_event_manager	eq	7.3.2
qradar_security_information_and_event_manager	eq	7.3.2 p1
qradar_security_information_and_event_manager	eq	7.3.2 p2
qradar_security_information_and_event_manager	eq	7.3.2 p3
qradar_security_information_and_event_manager	eq	7.3.2 p4