IBM Content Navigator CVE-2018-1496 Cross Site Scripting Vulnerability
BID:104374
CVE-2018-1496 |Info
IBM Content Navigator CVE-2018-1496 Cross Site Scripting Vulnerability
| Bugtraq ID: | 104374 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-1496 |
| Remote: | Yes |
| Local: | No |
| Published: | May 29 2018 12:00AM |
| Updated: | May 29 2018 12:00AM |
| Credit: | IBM |
| Vulnerable: |
IBM Content Navigator 3.0.3 IBM Content Navigator 3.0.2 IBM Content Navigator 3.0 IBM Content Navigator 3.0.1 IBM Content Navigator 2.0.3 |
| Not Vulnerable: | |
Discussion
IBM Content Navigator CVE-2018-1496 Cross Site Scripting Vulnerability
IBM Content Navigator is prone to a cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 are vulnerable; other versions may also be affected.
IBM Content Navigator is prone to a cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 are vulnerable; other versions may also be affected.
References
IBM Content Navigator CVE-2018-1496 Cross Site Scripting Vulnerability
References:
References: