IBM OpenPages Vulnerability: Unauthorized Access to Client-Side Source Code via JavaScript Source Maps
CVE-2024-27257

4.3MEDIUM

Key Information:

Vendor

IBM
Status
Openpages
Vendor
CVE Published:
10 September 2024

What is CVE-2024-27257?

IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.

Affected Version(s)

OpenPages 8.3, 9.0

References

https://www.ibm.com/support/pages/node/7167702
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/283966
vdb-entry

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2024-27257 : IBM OpenPages Vulnerability: Unauthorized Access to Client-Side Source Code via JavaScript Source Maps