CVE-2014-4827

Name of the Vulnerable Software and Affected Versions IBM Security QRadar SIEM QRM versions 7.1 MR1 through 7.2 MR2

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL. This could potentially lead to unauthorized actions on the affected system.

Recommendations For QRM 7.1 MR1, update to a version later than 7.1 MR1 to resolve the issue. For QRM/QVM 7.2 MR2, update to a version later than 7.2 MR2 to resolve the issue. As a temporary workaround, consider restricting access to crafted URLs to minimize the risk of exploitation.