Home Unlabelled IBM Security Bulletin: IBM Tririga Anywhere is vulnerable to cross-site scripting (CVE-2017-1604)

IBM Security Bulletin: IBM Tririga Anywhere is vulnerable to cross-site scripting (CVE-2017-1604)

By
Thursday, March 08, 2018
Read
Add Comment

IBM Tririga Anywhere is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session..

CVE(s): CVE-2017-1604

Affected product(s) and affected version(s):

Version(s)Affected Supporting Product and Version
IBM TRIRIGA® Anywhere 10.4.3IBM Maximo Anywhere platform 7.6.1
IBM TRIRIGA® Anywhere 10.4.2IBM Maximo Anywhere platform 7.6
IBM TRIRIGA® Anywhere 10.4.1IBM Maximo Anywhere platform 7.5.1.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22014325
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/132851

The post IBM Security Bulletin: IBM Tririga Anywhere is vulnerable to cross-site scripting (CVE-2017-1604) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2oQn2Ne
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us