PT-2014-3923 · Ibm · Ibm Atlas Suite+3
Publicado
2014-07-29
·
Atualizado
2017-08-29
·
CVE-2014-0889
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Atlas Suite versions prior to 6.0.4
IBM Atlas eDiscovery Process Management versions prior to 6.0.4
IBM Disposal and Governance Management for IT versions prior to 6.0.4
IBM Global Retention Policy and Schedule Management versions prior to 6.0.4
Description
The issue allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, potentially leading to cross-site scripting (XSS) attacks.
Recommendations
For IBM Atlas Suite versions prior to 6.0.4, update to version 6.0.4 or later.
For IBM Atlas eDiscovery Process Management versions prior to 6.0.4, update to version 6.0.4 or later.
For IBM Disposal and Governance Management for IT versions prior to 6.0.4, update to version 6.0.4 or later.
For IBM Global Retention Policy and Schedule Management versions prior to 6.0.4, update to version 6.0.4 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Atlas Suite
Ibm Atlas Ediscovery Process Management
Ibm Disposal/Governance Management For It
Ibm Global Retention Policy/Schedule Management