Cross-site Scripting Vulnerability in IBM Security Access Manager for Mobile
CVE-2014-4751

Currently unrated

Key Information:

Vendor: IBM
Status: Security Access Manager For Mobile
Vendor: CVE Published:; 12 August 2014

Summary

A cross-site scripting (XSS) vulnerability exists in IBM Security Access Manager for Mobile versions 8.0.0.0, 8.0.0.1, and 8.0.0.3. This security flaw allows remote attackers to exploit the system by injecting arbitrary web scripts or HTML through a specially crafted URL. Successful exploitation can lead to unauthorized access to sensitive data and potentially compromise user sessions.

References

http://secunia.com/advisories/60562

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/94353

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21680440

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 12, 2014
Vulnerability Reserved
Jul 9, 2014