Description

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 150017.

Remediation

References

CVE-2018-1813

Related Vulnerabilities

WordPress Plugin Contact Form Email Cross-Site Scripting (1.3.24)

Oracle JRE CVE-2013-2423 Vulnerability (CVE-2013-2423)

WordPress Plugin All Category SEO Updater Cross-Site Scripting (0.2.7)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2014-0082)

WordPress Plugin wp-tmkm-amazon Cross-Site Scripting (1.5b)

Severity

Medium

Classification

CVE-2018-1813 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities