CVE-2023-35905

Summary

CVE-2023-35905 is a cross-site scripting (XSS) vulnerability affecting IBM FileNet Content Manager versions 5.5.8, 5.5.10, and 5.5.11. This issue enables users to inject malicious JavaScript code into the Web User Interface, thereby altering the intended functionality. Potentially, attackers could exploit this vulnerability to disclose confidential user credentials within a trusted session. IBM's X-Force has assigned ID 259384 to this security concern.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.