First published: Tue Oct 31 2023(Updated: )
IBM CICS TX is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM TXSeries for Multiplatforms | =8.1 | |
IBM TXSeries for Multiplatforms | =8.2 | |
IBM TXSeries for Multiplatforms | =9.1 | |
HP HP-UX | ||
IBM AIX | ||
Linux Linux kernel | ||
Microsoft Windows | ||
IBM CICS TX | =10.1 | |
IBM CICS TX | =11.1 | |
IBM CICS TX | =11.1 | |
<=10.1 | ||
<=11.1 | ||
<=11.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-42029 is a vulnerability in IBM CICS TX that allows for cross-site scripting attacks.
The severity of CVE-2023-42029 is medium with a CVSS score of 4.8.
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are affected by CVE-2023-42029.
You can fix CVE-2023-42029 by applying the relevant patches provided by IBM.
You can find more information about CVE-2023-42029 on IBM's X-Force Exchange and official support pages.