Cross-Site Scripting Vulnerabilities in IBM Case Manager
CVE-2015-1979

Currently unrated

Key Information:

Vendor: IBM
Status: Case Manager
Vendor: CVE Published:; 20 July 2015

What is CVE-2015-1979?

IBM Case Manager 5.2.1 prior to version 5.2.1.2 is susceptible to multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote authenticated users to inject arbitrary web scripts or HTML through the addressability or comments components of the error dialog. Exploitation of these flaws could lead to unauthorized actions or exposure of sensitive information.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21959695

x_refsource_CONFIRM

http://www.securityfocus.com/bid/75538

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 20, 2015
Vulnerability Reserved
Feb 19, 2015