CVE-2020-4775: XSS
First published: Mon Oct 12 2020(Updated: )
A cross-site scripting (XSS) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. This vulnerability allows attackers to inject malicious scripts into web applications for the purpose of running unwanted actions on the end user's device, restricted to a single location. IBM X-Force ID: 189153.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Curam Social Program Management | =7.0.9.0 | |
| IBM Curam Social Program Management | =7.0.10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-4775?
The severity of CVE-2020-4775 is medium with a severity value of 5.4.
How do I know if I am affected by CVE-2020-4775?
You are affected by CVE-2020-4775 if you are using IBM Curam Social Program Management versions 7.0.9 and 7.0.10.
What is a cross-site scripting (XSS) vulnerability?
A cross-site scripting (XSS) vulnerability allows attackers to inject malicious scripts into web applications, potentially compromising user data or executing unauthorized actions.
What is the impact of CVE-2020-4775?
The impact of CVE-2020-4775 is the ability for attackers to inject and execute malicious scripts on the end user's device via a single location.
How can I fix CVE-2020-4775?
To fix CVE-2020-4775, it is recommended to update to a patched version of IBM Curam Social Program Management.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/references
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm curam social program management
- version/ibm curam social program management/7.0.9.0
- version/ibm curam social program management/7.0.10.0