Back to search
CVE-2016-9000
Published: Feb 1, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct clickjacking or other client-side browser attacks.
| Vendor | Product | Versions |
|---|---|---|
IBM Corporation | InfoSphere Information Server | affected 8.1affected 8.5affected 8.0affected 8.5.0.1affected 8.7+8 more versions |
References
1037564
vdb-entry
x_refsource_SECTRACK
95324
vdb-entry
x_refsource_BID
http://www.ibm.com/support/docview.wss?uid=swg21995257
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now