Ibm · Ibm Control Desk · CVE-2021-20559
Name of the Vulnerable Software and Affected Versions:
IBM Control Desk versions 7.6.1.2 through 7.6.1.3
Description:
The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session due to cross-site scripting.
Recommendations:
For versions 7.6.1.2 and 7.6.1.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.