CVE-2023-50963

Summary

CVE-2023-50963: IBM Storage Defender's Data Protect 1.0.0 to 1.4.1 versions contain a vulnerability that allows attackers to inject malicious HTTP headers. This weakness, resulting from inadequate input validation of HOST headers, could potentially lead to cross-site scripting, cache poisoning, or session hijacking attacks. IBM's X-Force has assigned the ID 276101 to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.