Medium Severity

IBM Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Campaign (CVE-2018-1921)

Share this post:

IBM Campaign is impacted by cross-site scripting (XSS) vulnerability on profile name.

CVE(s): CVE-2018-1921

Affected product(s) and affected version(s):

9.1.0, 9.1.2, 10.1, 11.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887995
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152857

More stories

Security Bulletin: CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name

Aug 4, 2020 8:01 pm EDT | Medium Severity

CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name ...read more


Security Bulletin: CVE-2019-2949 may affect IBM® SDK, Java™ Technology Edition

Aug 4, 2020 8:00 pm EDT | Medium Severity

CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11.

Aug 4, 2020 8:00 pm EDT | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, used by IBM Integration Bus & IBM App Connect Enterprise v11. These issues were disclosed as part of the IBM Java SDK updates in April 2020. ...read more