Home Unlabelled IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY Reflected XSS in WebSphereSamISP

IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY Reflected XSS in WebSphereSamISP

By
Wednesday, February 06, 2019
Read
Add Comment

Content Collector for Email has addressed the following vulnerability. IBM WebSphere Application Server using SAML ear is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE(s): CVE-2018-1793

Affected product(s) and affected version(s):

Content Collector for Email v4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10738341
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148948

The post IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY Reflected XSS in WebSphereSamISP appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ibm.co/2MT6rD5
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us