VDB

CISA-2024-28795

CISA-2024-28795 PUBLISHED CVSS 5.4 MEDIUM

Reported by ibm · Published June 30, 2024

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286832.

Risk Scores

CVSS 3.1
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
IBMInfoSphere Information Server11.7
IBMInfoSphere Information Server11.7, 11.7

Timeline

  • Jun 30, 2024 CVE Published
  • Jul 1, 2024 CVE Updated

References

  • vendor-advisory
  • vdb-entry
Open in Interactive Console →
$ Console Community · 100/wk Open console ›