QwikSec

Security Database

CVE

CWE

Training

CVE-2017-1106

Published: Jun 28, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120744.

Vendor	Product	Versions
IBM	Cram Social Program Management	affected `6.0.4` affected `6.0.5` affected `6.0` affected `5.2` affected `6.1.0` +3 more versions

References

vdb-entry

x_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg22004580

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/120744

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.