Cross-Site Scripting Vulnerability in IBM OpenPages GRC Platform
CVE-2017-1290

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Openpages Grc Platform
Vendor: CVE Published:; 1 November 2017

Summary

The IBM OpenPages GRC Platform versions 7.1, 7.2, and 7.3 have a vulnerability that allows cross-site scripting (XSS) attacks. This flaw enables users to inject arbitrary JavaScript code into the web interface, leading to manipulation of the platform's intended functionality. Attackers can exploit this vulnerability to potentially access sensitive information, including user credentials, during active sessions. It is crucial for users and administrators to apply necessary patches and updates to mitigate this risk.