cbcvebase.
CVE-2024-28772
published 2024-07-25

CVE-2024-28772: IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. This vulnerability…

medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285645.

Affected

3 ranges
VendorProductVersion rangeFixed in
ibmsecurity_directory_integrator
ibmsecurity_verify_access
ibmsecurity_verify_directory_integrator