CVE-2020-4916

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191390.

PoC / Reference Links(if available):

https://exchange.xforce.ibmcloud.com/vulnerabilities/191390

CVSSv2 and CVSSv3 Score

v2: 3.5 / LOW
v3: 4.8 / MEDIUM

Links to patches(if available)