First published: Wed Oct 02 2019(Updated: )
IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 165815.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Security Directory Server | =6.4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this IBM Security Directory Server vulnerability is CVE-2019-4542.
The severity of CVE-2019-4542 is medium.
CVE-2019-4542 allows users to embed arbitrary JavaScript code in the Web UI of IBM Security Directory Server, potentially leading to credentials disclosure within a trusted session.
The Common Vulnerability and Exposures (CVE) ID for this vulnerability is CVE-2019-4542.
No fix is currently available for CVE-2019-4542. It is recommended to apply appropriate mitigations to reduce the risk.