Cross-Site Scripting Vulnerability in IBM InfoSphere Master Data Management Server
CVE-2014-8898

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Collaborative Server
Vendor: CVE Published:; 22 December 2014

Summary

This vulnerability in the Collaboration Server of IBM InfoSphere Master Data Management allows remote authenticated users to exploit cross-site scripting (XSS) weaknesses. By crafting specific URLs, attackers can inject arbitrary web scripts or HTML into the affected application. This presents significant security risks, including the potential for data theft, account takeover, and unauthorized administrative access. Users are advised to implement all available patches and monitor their systems for any suspicious activity.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21692176

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/99051

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 22, 2014
Vulnerability Reserved
Nov 14, 2014