CVE-2014-6121

Currently unrated

Key Information:

Vendor: IBM
Status: Security Appscan; Security Appscan Source
Vendor: CVE Published:; 23 December 2014

Summary

Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

References

http://www.securitytracker.com/id/1031427

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=swg21693035

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96722

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 23, 2014
Vulnerability Reserved
Sep 2, 2014