Cross-Site Scripting Vulnerability in IBM InfoSphere Master Data Management Server
CVE-2014-8897

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Collaborative Server
Vendor: CVE Published:; 22 December 2014

Summary

A Cross-Site Scripting (XSS) vulnerability exists in the Collaboration Server of IBM InfoSphere Master Data Management Server, allowing remote authenticated users to execute arbitrary web scripts or HTML through specially crafted URLs. This flaw can lead to significant security risks, including data theft, session hijacking, and malicious redirection, if exploited. Users are encouraged to apply the necessary patches and review security practices to mitigate risks associated with this and related vulnerabilities.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/99050

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21692176

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 22, 2014
Vulnerability Reserved
Nov 14, 2014