Home Unlabelled IBM Security Bulletin: Content Collector for Email is affected by vulnerability due to information disclosure in Apache MyFaces

IBM Security Bulletin: Content Collector for Email is affected by vulnerability due to information disclosure in Apache MyFaces

By
Wednesday, January 24, 2018
Read
Add Comment

Content Collector for Email has addressed following vulnerability: Apache MyFaces could allow a remote attacker using specially crafted parameters to inject EL expressions into input fields mapped as view parameters and obtain sensitive information.

CVE(s): CVE-2011-4343

Affected product(s) and affected version(s):

Content Collector for Email 3.0.0

Content Collector for Email 4.0.0
Content Collector for Email 4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22012735
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132287

The post IBM Security Bulletin: Content Collector for Email is affected by vulnerability due to information disclosure in Apache MyFaces appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2n5guJA
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us