Home Unlabelled IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY WebSphere XSS

IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY WebSphere XSS

By
Wednesday, February 06, 2019
Read
Add Comment

Content Collector for Email has addressed the following vulnerability. The Installation Verification Tool of IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE(s): CVE-2018-1643

Affected product(s) and affected version(s):

Content Collector for Email v4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10744701
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144588

The post IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY WebSphere XSS appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ibm.co/2DW9QhG
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us