IBM Security Bulletin: IBM Social Program Management Design System contains an HTML injection vulnerability (CVE-2018-1671)
Dec 7, 2018 9:00 am EST
Categorized: Medium Severity
An HTML injection vulnerability was detected in the IBM Social Program Management Design System component of the IBM Cúram Social Program Management product. It was discovered that input data for some tags was not sanitized in a secure way.
CVE(s): CVE-2018-1671
Affected product(s) and affected version(s):
IBM Cúram Social Program Management 7.0.3.0 – 7.0.3.0, specifically versions of the IBM Social Program Management Design System component prior to 1.4.x.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10739019
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144951
from IBM Product Security Incident Response Team https://ift.tt/2RHXWME