Mohammed Yousif

**Name of the Vulnerable Software and Affected Versions** IBM Spectrum Scale versions 4.2 through 5.0 **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. **Recommendations** For versions 4.2 through 5.0, update to a version that includes a fix for this issue to prevent cross-site scripting attacks.

**Name of the Vulnerable Software and Affected Versions** IBM Spectrum Scale versions 4.2 through 5.0 **Description** The issue allows a remote authenticated attacker to execute arbitrary commands on the system by sending a specially-crafted request. This enables the attacker to exploit the system and execute commands. **Recommendations** For IBM Spectrum Scale versions 4.2 through 5.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.