Medium Severity

IBM Security Bulletin: IBM InfoSphere Governance Catalog is affected by a Reflected XSS (Cross-Site Scripting) vulnerability

Share this post:

A Reflected XSS (Cross-Site Scripting) vulnerability was addressed by IBM InfoSphere Governance Catalog.

CVE(s): CVE-2018-1895

Affected product(s) and affected version(s):

The following products, running on all supported platforms, are affected:

IBM InfoSphere Information Governance Catalog: versions 11.3, 11.5, and 11.7

IBM InfoSphere Information Server on Cloud: version 11.5, and 11.7

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10744013
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152159

More stories

IBM Security Bulletin: IBM Event Streams is affected by Go vulnerabilities

Jul 17, 2019 9:02 am EDT | Medium Severity

IBM Event Streams has addressed the following vulnerabilities in the Go Runtimes shipped. CVE(s): CVE-2019-9741 Affected product(s) and affected version(s):IBM Event Streams 2018.3.0 IBM Event Streams 2018.3.1 IBM Event Streams 2019.1.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10884414X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158137 ...read more


IBM Security Bulletin: IBM Event Streams is affected by WebSphere Liberty Profile vulnerability CVE-2019-4046

Jul 17, 2019 9:01 am EDT | Medium Severity

IBM Event Streams has addressed the following vulnerability. CVE(s): CVE-2019-4046 Affected product(s) and affected version(s):IBM Event Streams 2018.3.0 IBM Event Streams 2018.3.1 IBM Event Streams 2019.1.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10888065X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/156242 ...read more


IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to File Path Traversal (CVE-2019-4430)

Jul 16, 2019 9:02 am EDT | Medium Severity

IBM Maximo Asset Management is vulnerable to File Path Traversal CVE(s): CVE-2019-4430 Affected product(s) and affected version(s): This vulnerability affects the following versions of the IBM Maximo Asset Management core product, and all other IBM Maximo Industry Solution and IBM Control Desk products, regardless of their own version, if they are currently installed on top ...read more