VDB
CISA-2024-28795
CISA-2024-28795
PUBLISHED
CVSS 5.4 MEDIUM
Reported by ibm · Published June 30, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 286832.
Risk Scores
CVSS 3.1
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | InfoSphere Information Server | 11.7 |
| IBM | InfoSphere Information Server | 11.7, 11.7 |
Timeline
- Jun 30, 2024 CVE Published
- Jul 1, 2024 CVE Updated