Cross-Site Scripting Vulnerability in IBM Security Privileged Identity Manager
CVE-2016-5974

5.4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
26 September 2016

Summary

The vulnerability in the Web UI of IBM Security Privileged Identity Manager allows remote authenticated users to inject arbitrary web scripts or HTML. This vulnerability poses significant security risks as attackers can exploit it to execute malicious scripts in the context of the user's browser, leading to unauthorized actions or data exposure.

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.