CVE-2016-3018: IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI…

medium6.1CVSS 3.0

AVNACLPRNUIRSCCLILAN

IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected

37 ranges· showing 25

Vendor	Product	Version range	Fixed in
ibm	security_access_manager	—	—
ibm	security_access_manager	—	—
ibm	security_access_manager	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_mobile	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm	security_access_manager_for_web	—	—
ibm_corporation	access_manager	—	—
ibm_corporation	access_manager	—	—
ibm_corporation	access_manager	—	—
ibm_corporation	access_manager	—	—