PT-2016-6725 · Ibm · Ibm Financial Transaction Manager (Ftm) For Ach Services

Publicado

2016-10-29

Atualizado

2016-11-28

CVE-2016-5920

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM Financial Transaction Manager (FTM) for ACH Services versions 3.0.0.x before fp0015 IBM Financial Transaction Manager (FTM) for ACH Services version 3.0.1.0 before iFix0002

Description A cross-site scripting (XSS) issue exists in the Web UI, allowing remote authenticated users to inject arbitrary web script or HTML. This can be achieved via unspecified vectors.

Recommendations For IBM Financial Transaction Manager (FTM) for ACH Services versions 3.0.0.x before fp0015, apply fix pack fp0015 to resolve the issue. For IBM Financial Transaction Manager (FTM) for ACH Services version 3.0.1.0 before iFix0002, apply iFix0002 to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2016-5920

Produtos afetados

Ibm Financial Transaction Manager (Ftm) For Ach Services

PT-2016-6725 · Ibm · Ibm Financial Transaction Manager (Ftm) For Ach Services

CVE-2016-5920

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5