IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
BID:69798
Info
IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
| Bugtraq ID: | 69798 |
| Class: | Input Validation Error |
| CVE: |
CVE-2014-4763 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 10 2014 12:00AM |
| Updated: | Nov 19 2014 12:57AM |
| Credit: | IBM |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
IBM FileNet Content Manager and Content Foundation are prone to an unspecified cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
IBM FileNet Content Manager and Content Foundation are prone to an unspecified cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Exploit / POC
IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.
To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.
Solution / Fix
IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
IBM FileNet Content Manager and Content Foundation Unspecified Cross Site Scripting Vulnerability
References:
References:
- IBM Homepage (IBM)