What is the severity of CVE-2017-1465?

CVE-2017-1465 has been classified with medium severity due to its potential to allow clickjacking attacks.

How do I fix CVE-2017-1465?

To mitigate CVE-2017-1465, it is recommended to upgrade to the latest version of IBM TRIRIGA Application Platform.

Which versions of IBM TRIRIGA are affected by CVE-2017-1465?

CVE-2017-1465 affects IBM TRIRIGA versions 3.2, 3.3, 3.4, and 3.5.

Who can be impacted by CVE-2017-1465?

Users of IBM TRIRIGA who are exposed to malicious websites can be impacted by CVE-2017-1465.

What type of attack does CVE-2017-1465 facilitate?

CVE-2017-1465 facilitates clickjacking attacks which can compromise a user's actions on the affected application.

Vulnerability/
CVE-2017-1465

medium

5.4

CWE

7/12/2017

16/9/2024

CVE-2017-1465: XSS

First published: Thu Dec 07 2017(Updated: )

IBM TRIRIGA 3.2, 3.3, 3.4, and 3.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 128464.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM TRIRIGA Application Platform	=3.3.0.0
IBM TRIRIGA Application Platform	=3.3.0.1
IBM TRIRIGA Application Platform	=3.3.0.2
IBM TRIRIGA Application Platform	=3.3.1.0
IBM TRIRIGA Application Platform	=3.3.1.1
IBM TRIRIGA Application Platform	=3.3.1.2
IBM TRIRIGA Application Platform	=3.3.1.3
IBM TRIRIGA Application Platform	=3.3.2.0
IBM TRIRIGA Application Platform	=3.3.2.1
IBM TRIRIGA Application Platform	=3.3.2.2
IBM TRIRIGA Application Platform	=3.3.2.3
IBM TRIRIGA Application Platform	=3.3.2.4
IBM TRIRIGA Application Platform	=3.3.2.5
IBM TRIRIGA Application Platform	=3.4.0.0
IBM TRIRIGA Application Platform	=3.4.0.1
IBM TRIRIGA Application Platform	=3.4.1.0
IBM TRIRIGA Application Platform	=3.4.1.1
IBM TRIRIGA Application Platform	=3.4.1.2
IBM TRIRIGA Application Platform	=3.4.1.3
IBM TRIRIGA Application Platform	=3.4.2.0
IBM TRIRIGA Application Platform	=3.4.2.1
IBM TRIRIGA Application Platform	=3.4.2.2
IBM TRIRIGA Application Platform	=3.4.2.3
IBM TRIRIGA Application Platform	=3.4.2.4
IBM TRIRIGA Application Platform	=3.4.2.5
IBM TRIRIGA Application Platform	=3.5.0.0
IBM TRIRIGA Application Platform	=3.5.0.1
IBM TRIRIGA Application Platform	=3.5.0.2
IBM TRIRIGA Application Platform	=3.5.1
IBM TRIRIGA Application Platform	=3.5.1.1
IBM TRIRIGA Application Platform	=3.5.1.2
IBM TRIRIGA Application Platform	=3.5.1.3
IBM TRIRIGA Application Platform	=3.5.2
IBM TRIRIGA Application Platform	=3.5.2.1
IBM TRIRIGA Application Platform	=3.5.2.2
IBM TRIRIGA Application Platform	=3.5.2.3
IBM TRIRIGA Application Platform	=3.5.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1465?
CVE-2017-1465 has been classified with medium severity due to its potential to allow clickjacking attacks.
How do I fix CVE-2017-1465?
To mitigate CVE-2017-1465, it is recommended to upgrade to the latest version of IBM TRIRIGA Application Platform.
Which versions of IBM TRIRIGA are affected by CVE-2017-1465?
CVE-2017-1465 affects IBM TRIRIGA versions 3.2, 3.3, 3.4, and 3.5.
Who can be impacted by CVE-2017-1465?
Users of IBM TRIRIGA who are exposed to malicious websites can be impacted by CVE-2017-1465.
What type of attack does CVE-2017-1465 facilitate?
CVE-2017-1465 facilitates clickjacking attacks which can compromise a user's actions on the affected application.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
agent/weakness
agent/author
agent/severity
agent/tags
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/source
vendor/ibm
canonical/ibm tririga application platform
version/ibm tririga application platform/3.3.0.0
version/ibm tririga application platform/3.3.0.1
version/ibm tririga application platform/3.3.0.2
version/ibm tririga application platform/3.3.1.0
version/ibm tririga application platform/3.3.1.1
version/ibm tririga application platform/3.3.1.2
version/ibm tririga application platform/3.3.1.3
version/ibm tririga application platform/3.3.2.0
version/ibm tririga application platform/3.3.2.1
version/ibm tririga application platform/3.3.2.2
version/ibm tririga application platform/3.3.2.3
version/ibm tririga application platform/3.3.2.4
version/ibm tririga application platform/3.3.2.5
version/ibm tririga application platform/3.4.0.0
version/ibm tririga application platform/3.4.0.1
version/ibm tririga application platform/3.4.1.0
version/ibm tririga application platform/3.4.1.1
version/ibm tririga application platform/3.4.1.2
version/ibm tririga application platform/3.4.1.3
version/ibm tririga application platform/3.4.2.0
version/ibm tririga application platform/3.4.2.1
version/ibm tririga application platform/3.4.2.2
version/ibm tririga application platform/3.4.2.3
version/ibm tririga application platform/3.4.2.4
version/ibm tririga application platform/3.4.2.5
version/ibm tririga application platform/3.5.0.0
version/ibm tririga application platform/3.5.0.1
version/ibm tririga application platform/3.5.0.2
version/ibm tririga application platform/3.5.1
version/ibm tririga application platform/3.5.1.1
version/ibm tririga application platform/3.5.1.2
version/ibm tririga application platform/3.5.1.3
version/ibm tririga application platform/3.5.2
version/ibm tririga application platform/3.5.2.1
version/ibm tririga application platform/3.5.2.2
version/ibm tririga application platform/3.5.2.3
version/ibm tririga application platform/3.5.3

CVE-2017-1465: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-1465?

How do I fix CVE-2017-1465?

Which versions of IBM TRIRIGA are affected by CVE-2017-1465?

Who can be impacted by CVE-2017-1465?

What type of attack does CVE-2017-1465 facilitate?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-1465?

How do I fix CVE-2017-1465?

Which versions of IBM TRIRIGA are affected by CVE-2017-1465?

Who can be impacted by CVE-2017-1465?

What type of attack does CVE-2017-1465 facilitate?