Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21967631 | Vendor Advisory |
http://www-01.ibm.com/support/docview.wss?uid=swg21967631 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21967631 - Vendor Advisory |
Information
Published : 2016-02-15 02:59
Updated : 2024-11-21 02:32
NVD link : CVE-2015-4957
Mitre link : CVE-2015-4957
CVE.ORG link : CVE-2015-4957
JSON object : View
Products Affected
ibm
- qradar_security_information_and_event_manager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')