IBM License Metric Tool 9.2.0 through 9.2.40 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:NIBM License Metric Tool
APPIbm< 9.2.41
Powiązane podatności
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to b...
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE)...
IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access controls in ...
IBM License Metric Tool 9.2 could allow a remote attacker to traverse directories on the system. An attacker c...
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect atta...