CVE-2021-20577 – IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scriptin …

Vuln ID: CVE-2021-20577

Published:  2021-05-10  17:15:07Z

Description: IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199281.

Source: NVD.NIST.GOV

 


Date:

Categorie(s):

Tag(s):