Home Unlabelled IBM Security Bulletin: IBM TRIRIGA Application Platform is vulnerable to a Cross-site scripting attack on login. (CVE-2016-0387)

IBM Security Bulletin: IBM TRIRIGA Application Platform is vulnerable to a Cross-site scripting attack on login. (CVE-2016-0387)

By
Wednesday, June 01, 2016
Read
Add Comment

IBM TRIRIGA is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE(s): CVE-2016-0387

Affected product(s) and affected version(s):

The following IBM TRIRIGA Application Platform versions are affected.
· IBM TRIRIGA Application Platform 3.5.
· IBM TRIRIGA Application Platform 3.4.
· IBM TRIRIGA Application Platform 3.3.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1TPZPWC
X-Force Database: http://ift.tt/1TJLmGy



from IBM Product Security Incident Response Team http://ift.tt/1TPZ2Fk
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us