Cross-Site Scripting Vulnerabilities in IBM Security QRadar Incident Forensics
CVE-2015-1995

Currently unrated

Key Information:

Vendor: IBM
Status: Security Qradar Incident Forensics
Vendor: CVE Published:; 8 November 2015

What is CVE-2015-1995?

Multiple cross-site scripting vulnerabilities exist in IBM Security QRadar Incident Forensics 7.2.x versions prior to 7.2.5 Patch 5. These vulnerabilities allow remote attackers to inject arbitrary web scripts or HTML into the application via specially crafted URLs, posing a significant risk to the integrity and security of web applications. Proper validation and sanitization measures should be implemented to mitigate these risks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21968326

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 8, 2015
Vulnerability Reserved
Feb 19, 2015