CVE-2018-1671: XSS
First published: Mon Dec 10 2018(Updated: )
IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-force ID: 144951.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Curam Social Program Management | =7.0.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this IBM Curam Social Program Management vulnerability?
The vulnerability ID for this IBM Curam Social Program Management vulnerability is CVE-2018-1671.
What is the severity of CVE-2018-1671?
The severity of CVE-2018-1671 is medium with a CVSS score of 6.1.
What is the affected software version for CVE-2018-1671?
The affected software version for CVE-2018-1671 is IBM Curam Social Program Management 7.0.3.
What is the impact of CVE-2018-1671?
CVE-2018-1671 allows a remote attacker to inject malicious HTML code, which can be executed in the victim's web browser within the security context of the hosting site.
Are there any references available for CVE-2018-1671?
Yes, you can find references for CVE-2018-1671 at the following links: [SecurityFocus](http://www.securityfocus.com/bid/106202), [IBM X-Force](https://exchange.xforce.ibmcloud.com/vulnerabilities/144951), [IBM Support](https://www.ibm.com/support/docview.wss?uid=ibm10739019).
- collector/nvd-index
- agent/weakness
- agent/references
- agent/tags
- agent/description
- agent/last-modified-date
- agent/remedy
- vendor/ibm
- canonical/ibm curam social program management
- version/ibm curam social program management/7.0.3.0