Cross-Site Scripting Vulnerability in IBM Rational Software Architect
CVE-2015-7439
6.1MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 27 January 2016
Summary
The vulnerability allows attackers to exploit the InfoSphere Data Architect within IBM's Rational Software Architect suite by injecting arbitrary web scripts or HTML through specially crafted URLs. This could lead to unauthorized access to sensitive data or execution of malicious scripts in the context of a user's browser session, compromising the integrity and security of the affected applications.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved