Description
IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158573.
Remediation
References
Related Vulnerabilities
Elgg Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6562)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1725)
MongoDb Missing Authorization Vulnerability (CVE-2024-6375)
WordPress Plugin Cryptocurrency Widgets Pack SQL Injection (1.8.1)
WordPress Plugin Ginger-EU Cookie Law Multiple Vulnerabilities (4.1.3)