Rewterz Threat Advisory – CVE-2023-20858 – VMware Carbon Black App Control (App Control) Vulnerability
February 22, 2023Rewterz Threat Advisory – CVE-2023-0936 – TP-Link Archer C50 Vulnerability
February 22, 2023Rewterz Threat Advisory – CVE-2023-20858 – VMware Carbon Black App Control (App Control) Vulnerability
February 22, 2023Rewterz Threat Advisory – CVE-2023-0936 – TP-Link Archer C50 Vulnerability
February 22, 2023Severity
Medium
Analysis Summary
CVE-2023-25928
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Impact
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2023-25928
Affected Vendors
IBM
Affected Products
- IBM InfoSphere Information Server 11.7
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.