PT-2018-4594 · Ibm · Ibm Care Management+1
Publicado
2018-03-12
·
Atualizado
2018-04-09
·
CVE-2016-0261
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Curam Social Program Management versions 6.0.0 through 6.0.0 before SP2 EP29
IBM Curam Social Program Management versions 6.0.4 through 6.0.4 before 6.0.4.6 iFix3
IBM Curam Social Program Management versions 6.0.5 through 6.0.5 before 6.0.5.9 iFix2
IBM Curam Social Program Management version 6.1.0 before 6.1.0.1 iFix1
IBM Curam Social Program Management version 6.1.1 before 6.1.1.1 iFix1
IBM Care Management version 6.0
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For IBM Curam Social Program Management versions 6.0.0 through 6.0.0 before SP2 EP29, update to at least SP2 EP29.
For IBM Curam Social Program Management versions 6.0.4 through 6.0.4 before 6.0.4.6 iFix3, update to at least 6.0.4.6 iFix3.
For IBM Curam Social Program Management versions 6.0.5 through 6.0.5 before 6.0.5.9 iFix2, update to at least 6.0.5.9 iFix2.
For IBM Curam Social Program Management version 6.1.0 before 6.1.0.1 iFix1, update to at least 6.1.0.1 iFix1.
For IBM Curam Social Program Management version 6.1.1 before 6.1.1.1 iFix1, update to at least 6.1.1.1 iFix1.
For IBM Care Management version 6.0, there is no information about a newer version that contains a fix for this issue.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Care Management
Ibm Curam Social Program Management