PT-2016-3797 · IBM · IBM InfoSphere Master Data Management
Published: 2016-02-15 · Updated: 2016-03-10 · CVE-2015-7492
CVSS v2.0: 3.5 (Low)
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM InfoSphere Master Data Management versions 10.1, 11.0 before FP5, 11.3, 11.4, and 11.5 before FP1
Description
A cross-site scripting (XSS) issue exists, allowing remote authenticated users to inject arbitrary web script or HTML via a crafted URL. This affects the Reference Data Management (RDM) component.
Recommendations
For version 10.1, update to a version that includes the fix for this issue.
For version 11.0, apply FP5 or later to resolve the issue.
For version 11.3, consider upgrading to a later version that includes the necessary security patches.
For version 11.4, apply the relevant security fix or upgrade to a later version.
For version 11.5, apply FP1 or later to address the vulnerability.
As a temporary workaround, consider restricting access to crafted URLs to minimize the risk of exploitation.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
IBM InfoSphere Master Data Management