Description

IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.

Remediation

References

CVE-2017-1489

Related Vulnerabilities

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-39124)

PHP Use After Free Vulnerability (CVE-2024-11235)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20340)

WordPress Plugin Ad-Manager Open Redirect (1.1.2)

Joomla! Core 1.7.0 Information Disclosure (1.7.0)

Severity

Medium

Classification

CVE-2017-1489 CWE-601 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities