Name of the Vulnerable Software and Affected Versions:

IBM Watson Studio on Cloud Pak for Data versions 4.0 through 5.0

Description:

IBM Watson Studio on Cloud Pak for Data is susceptible to a cross-site scripting issue. An authenticated user can inject arbitrary JavaScript code into the Web UI, potentially modifying the intended functionality and leading to credentials disclosure within a trusted session.

Recommendations:

IBM Watson Studio on Cloud Pak for Data version 4.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

IBM Watson Studio on Cloud Pak for Data version 5.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.