CVE-2023-43015

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Dec 1, 2023

Updated: Dec 4, 2023

CWE ID 79

Summary

CVE-2023-43015 is a cross-site scripting (XSS) vulnerability affecting IBM InfoSphere Information Server 11.7. This issue permits users to inject malicious JavaScript code into the Web UI, manipulating intended functionalities and potentially disclosing sensitive credentials within trusted sessions. IBM's X-Force has assigned the vulnerability the ID 266064.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Infosphere Information Server

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ssI4Ro
https://www.cve.org/CVERecord?id=CVE-2023-43015
https://nvd.nist.gov/vuln/detail/CVE-2023-43015

Back to Vulnerability Database