Vulnerability Details CVE-2018-1502
IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141338.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.9%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- http://www-01.ibm.com/support/docview.wss?uid=swg22014917
- http://www.securitytracker.com/id/1040760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/141338
- http://www-01.ibm.com/support/docview.wss?uid=swg22014917
- http://www.securitytracker.com/id/1040760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/141338
Products affected by CVE-2018-1502
-
cpe:2.3:a:ibm:content_manager:8.4.3
-
cpe:2.3:a:ibm:content_manager:8.5