MEDIUM🇬🇧 English

CVE-2018-1255

CVSS 6.1v3.0pub. 2018-07-13upd. 2024-11-21

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Emc Rsa Identity Governance And Lifecycle

    APP
    Emc
    7.0.17.0.27.1.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSSAuth Bypass
CWE
Referencje

Powiązane podatności

CVE-2018-1245CRITICAL9.0ten sam produkt

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnera...

CVE-2018-11049HIGH7.3ten sam produkt

RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontro...

CVE-2018-1182HIGH7.8ten sam produkt

An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (...

CVE-2017-8004HIGH7.2ten sam produkt

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Iden...

CVE-2017-8005MEDIUM5.4ten sam produkt

The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG products (RSA Ide...