CVE-2020-4916

January 5, 2021

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390.

Summary:

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390.

PoC / Reference Links(if available):

https://exchange.xforce.ibmcloud.com/vulnerabilities/191390

CVSSv2 and CVSSv3 Score

v2: 3.5 / LOW
v3: 4.8 / MEDIUM

Links to patches(if available)

You may have missed

image 1

CVE Alert: CVE-2024-52867

November 18, 2024
image 1

CVE Alert: CVE-2020-25720

November 18, 2024
image 1

CVE Alert: CVE-2023-4639

November 18, 2024
image 1

CVE Alert: CVE-2023-1419

November 18, 2024
image 1

CVE Alert: CVE-2023-43091

November 18, 2024