PT-2020-18237 · IBM · IBM Curam Social Program Management
Published: 2020-10-12 · Updated: 2021-07-21 · CVE-2020-4774
CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM Curam Social Program Management versions 7.0.9 through 7.0.10
Description
The issue is caused by the improper handling of user-supplied input, potentially allowing a remote attacker to obtain unauthorized access or reveal sensitive information, such as XML document structure and content, by sending a specially-crafted input.
Recommendations
For versions 7.0.9 and 7.0.10, update to a version that properly handles user-supplied input to prevent exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration
Related Identifiers
Affected Products
IBM Curam Social Program Management