CVE-2024-35146

Summary

CVE-2024-35146 is a newly disclosed cross-site scripting (XSS) vulnerability affecting the Monitor Component of IBM Maximo Application Suite versions 8.10.11, 8.11.8, and 9.0.0. An attacker can exploit this flaw by injecting malicious JavaScript code into the web user interface, altering its intended functionality. This potentially dangerous scenario could lead to sensitive information such as credentials being disclosed within trusted sessions. Unauthenticated attackers can take advantage of this vulnerability, posing a significant risk to organizations using the affected IBM Maximo Application Suite versions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.