Cross-Site Scripting Vulnerability in IBM Forms Experience Builder
CVE-2014-6169

5.4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
12 April 2018

Summary

The vulnerability in IBM Forms Experience Builder versions 8.5.0 and 8.5.1 allows attackers to execute arbitrary web scripts or HTML, which can compromise user sessions, redirect users to malicious sites, or display harmful content. This happens through unspecified vectors that inadvertently accept untrusted input, making it a significant risk for organizations utilizing these versions of the software.

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.