XSS Vulnerability in IBM InfoSphere Master Data Management Server
CVE-2014-8899

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Collaborative Server
Vendor: CVE Published:; 22 December 2014

What is CVE-2014-8899?

This flaw allows remote authenticated users to exploit the Collaboration Server in IBM InfoSphere Master Data Management, injecting arbitrary web scripts or HTML through crafted URLs. The vulnerability affects multiple versions across the product line and poses a significant risk by enabling unauthorized script execution in the context of another user’s session.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21692176

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/99052

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 22, 2014
Vulnerability Reserved
Nov 14, 2014