Description
IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158573.
Remediation
References
Related Vulnerabilities
WordPress 3.8.x Arbitrary File Deletion Vulnerability (3.8 - 3.8.26)
Oracle Database Server CVE-2011-2242 Vulnerability (CVE-2011-2242)
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.14)
Mailman CVE-2006-2941 Vulnerability (CVE-2006-2941)
WordPress Plugin WP Auctions 'wpa_id' Parameter SQL Injection (1.8.8)