CVE-2024-22349

The affected software is IBM DevOps Velocity and IBM UrbanCode Velocity. The versions of IBM DevOps Velocity that are affected are 5.0.0, and the versions of IBM UrbanCode Velocity that are affected are 4.0.0 through 4.0.25. These versions allow web pages to be stored locally, which can then be read by another user on the system, potentially exposing sensitive information. An exploit for this issue may be available, and it's worth noting that this issue could impact multiple users, given the nature of the software and its potential use in shared environments. More information about this issue, including potential exploits, can be found at https://t.co/ucoKaUeeZW. #IBMDevOpsVelocity #IBMUrbanCodeVelocity #LocalReadingOfWebPages #WebBrowserCache #SensitiveInformation #IBMVelocityProducts #DevOpsVelocity #UrbanCodeVelocity #SecurityRisk