Page 4 of 35 results (0.007 seconds)

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229459. IBM CICS TX 11.1 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229459 https://www.ibm.com/support/pages/node/6833180 https://www.ibm.com/support/pages/node/6833182 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229461. IBM CICS TX 11.1 podría permitir a un atacante remoto secuestrar la acción de hacer clic de la víctima. Al persuadir a una víctima para que visite un sitio web malicioso, un atacante remoto podría aprovechar esta vulnerabilidad para secuestrar las acciones de clic de la víctima y posiblemente lanzar más ataques contra ella. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229461 https://www.ibm.com/support/pages/node/6833186 https://www.ibm.com/support/pages/node/6833188 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452. IBM CICS TX 11.1 no neutraliza o neutraliza incorrectamente la sintaxis de scripting web en encabezados HTTP que pueden utilizar los componentes del navegador web que pueden procesar encabezados sin formato. ID de IBM X-Force: 229452. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229452 https://www.ibm.com/support/pages/node/6833176 https://www.ibm.com/support/pages/node/6833178 • CWE-116: Improper Encoding or Escaping of Output CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •

CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. IBM X-Force ID: 229450. IBM CICS TX 11.1 podría revelar información sensible a un usuario local debido a una configuración de permisos insegura. ID de IBM X-Force: 229450. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229450 https://www.ibm.com/support/pages/node/6833166 https://www.ibm.com/support/pages/node/6833170 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

IBM CICS TX 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229451. IBM CICS TX 11.1 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229451 https://www.ibm.com/support/pages/node/6833172 https://www.ibm.com/support/pages/node/6833174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •