Cross-site Scripting Vulnerability in IBM InfoSphere Master Data Management
CVE-2014-0850

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Reference Data Management Hub
Vendor: CVE Published:; 16 March 2014

Summary

The vulnerability allows remote authenticated users to execute arbitrary web scripts or HTML by injecting malicious content through carefully crafted URLs. This can lead to unauthorized access or other security breaches. Affected software includes IBM InfoSphere MDM versions 10.1 and 11.0 prior to patch 11.0.0.0-MDM-IF008. Proper measures should be taken to secure web applications against XSS attacks to protect sensitive user data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90751

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21666119

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 16, 2014
Vulnerability Reserved
Jan 6, 2014