Cross-Site Scripting Vulnerability in IBM Curam Social Program Management
CVE-2014-3096

Currently unrated

Key Information:

Vendor: IBM
Status: Curam Social Program Management
Vendor: CVE Published:; 10 January 2015

Summary

A cross-site scripting (XSS) vulnerability exists in IBM Curam Social Program Management prior to version 6.0.5.5a. This flaw allows remote authenticated users to exploit the system by injecting arbitrary web scripts or HTML through specially crafted URLs. Successful exploitation can lead to unauthorized actions on behalf of the users, exposing sensitive data and compromising the security of the affected applications.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21692994

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/94264

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 10, 2015
Vulnerability Reserved
Apr 29, 2014