Ibm · Ibm Aspera Cloud · CVE-2021-38870
**Name of the Vulnerable Software and Affected Versions**
IBM Aspera Cloud (affected versions not specified)
**Description**
The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session. This is due to a stored cross-site scripting issue.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.