Description
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150019.
Remediation
References
Related Vulnerabilities
WordPress Plugin WassUp Real Time Analytics Cross-Site Scripting (1.9)
WordPress Plugin Analytics Remote Code Execution (1.7)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000169)
WordPress Plugin Newsletter SQL Injection (3.0.8)
Oracle Database Server CVE-2018-2875 Vulnerability (CVE-2018-2875)