Home Unlabelled IBM Security Bulletin: Cross Site Scripting vulnerability in IBM Marketing Platform (CVE-2016-0255)

IBM Security Bulletin: Cross Site Scripting vulnerability in IBM Marketing Platform (CVE-2016-0255)

By
Wednesday, May 03, 2017
Read
Add Comment

May 3, 2017 10:00 am EDT

Categorized: Medium Severity

IBM Marketing Platform is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials. IBM Marketing Platform has addressed this vulnerability.

CVE(s): CVE-2016-0255

Affected product(s) and affected version(s):

IBM Marketing Platform 9.1, 9.1.1, 9.1.2, 10.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2p5CWjP
X-Force Database: http://ift.tt/2pHRfiB



from IBM Product Security Incident Response Team http://ift.tt/2p5o98M
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us