CVE-2015-4540 — Cross-site Scripting in RSA Identity Management AND Governance

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

3.5LOWNVD

EPSS

0.2%

top 55.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

EMC RSA Identity Management AND Governance

Timeline

PublishedSep 26

Latest updateMay 14

Description

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6.8.1 P18 and 6.9.x before 6.9.1 P6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

▶NVDemc/rsa_identity_management_and_governance6.8.0 — 6.8.1+1

🔴Vulnerability Details

GHSA

GHSA-fx94-j47r-8xmh: Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6↗2022-05-14

▶

CVEList

CVE-2015-4540: Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG) before 6↗2015-09-25

▶