CVE-2024-51472
published 2025-01-06CVE-2024-51472: IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This…
low3.1CVSS 3.1
AVNACHPRLUINSUCLINAN
IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0 through 8.0.1.3 are vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | devops_deploy | 8.0 – 8.0.1.3 | — |
| ibm | devops_deploy | 8.0.0.0 – 8.0.1.3 | — |
| ibm | urbancode_deploy | 7.2 – 7.2.3.13 | — |
| ibm | urbancode_deploy | 7.3 – 7.3.2.8 | — |