Cross-Site Scripting Vulnerability in IBM Control Desk
CVE-2021-20559
5.4MEDIUM
What is CVE-2021-20559?
IBM Control Desk versions 7.6.1.2 and 7.6.1.3 are susceptible to a cross-site scripting vulnerability, enabling attackers to inject malicious JavaScript code into the Web UI. This flaw could compromise user sessions, potentially leading to unauthorized access or credential disclosure. Users are advised to apply necessary patches to mitigate associated risks.
Affected Version(s)
Control Desk 7.6.1.2
Control Desk 7.6.1.3