Cross-Site Scripting Vulnerability in IBM Security Privileged Identity Manager
CVE-2016-5974
5.4MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 26 September 2016
Summary
The vulnerability in the Web UI of IBM Security Privileged Identity Manager allows remote authenticated users to inject arbitrary web scripts or HTML. This vulnerability poses significant security risks as attackers can exploit it to execute malicious scripts in the context of the user's browser, leading to unauthorized actions or data exposure.
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved