CVE-2019-4454

Name of the Vulnerable Software and Affected Versions IBM QRadar versions 7.3.0 through 7.3.2 Patch 4

Description The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

Recommendations For IBM QRadar versions 7.3.0 through 7.3.2 Patch 4, consider disabling JavaScript execution in the Web UI as a temporary workaround until a patch is available. Restrict access to the Web UI to minimize the risk of exploitation.