CVE-2014-0889

Currently unrated

Key Information:

Vendor: IBM
Status: Global Retention Policy And Schedule Management; Atlas Suite; Disposal And Governance Management For It; Atlas Ediscovery Process Management
Vendor: CVE Published:; 29 July 2014

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM Atlas Suite (aka Atlas Policy Suite), as used in Atlas eDiscovery Process Management through 6.0.3, Disposal and Governance Management for IT through 6.0.3, and Global Retention Policy and Schedule Management through 6.0.3, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

References

http://www-01.ibm.com/support/entdocview.wss?uid=swg21679081

x_refsource_CONFIRM

http://secunia.com/advisories/59681

third-party-advisoryx_refsource_SECUNIA

http://www.ibm.com/connections/blogs/PSIRT/entry/security...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 29, 2014
Vulnerability Reserved
Jan 6, 2014