Stored Cross-Site Scripting in IBM FileNet Content Manager and IBM Content Navigator
CVE-2020-4757

6.4MEDIUM

Key Information:

Vendor: IBM
Status: Content Navigator
Vendor: CVE Published:; 21 December 2020

Summary

The stored cross-site scripting vulnerability in IBM FileNet Content Manager and IBM Content Navigator allows attackers to inject arbitrary JavaScript code into the web interface. This exploitation enables unauthorized actions, such as altering the intended functionality of the applications and potentially disclosing sensitive user credentials during trusted sessions. This risk underscores the importance of securing web applications to prevent malicious scripts from running in user browsers.