Medium Severity

IBM Security Bulletin: IBM MQ Appliance is affected by a cross-site scripting vulnerability. (CVE-2018-1667)

Share this post:

IBM MQ Appliance has addressed the following cross-site scripting vulnerability.

CVE(s): CVE-2018-1667

Affected product(s) and affected version(s):

IBM MQ Appliance 9.0.x Continuous Delivery (CD) Release
Continuous delivery updates 9.0.1 and 9.0.5

IBM MQ Appliance 9.1 Long Term Support (LTS) Release
Maintenance level 9.1.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10738171
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144893

More stories

IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)

Jan 22, 2019 9:01 am EST | Medium Severity

IBM Financial Transaction Manager for Corporate Payment Services (FTM CPS) for Multi-Platform has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files. CVE(s): CVE-2018-2026 Affected product(s) and affected version(s): FTM CPS v3.2.1.0 Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: Financial Transaction Manager for Digital Payments is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026)

Jan 22, 2019 9:01 am EST | Medium Severity

Financial Transaction Manager for Digital Payments (FTM DP) for Multi-Platform has addressed the following vulnerability. A potential directory listing vulnerability could allow an authenticated user to obtain a directory listing of internal product files. CVE(s): CVE-2018-2026 Affected product(s) and affected version(s): FTM DP v3.2.1.0 Refer to the following reference URLs for remediation and additional vulnerability ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software

Jan 22, 2019 9:01 am EST | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Application Developer for WebSphere Software. These issues were disclosed as part of the IBM Java SDK updates in October 2018. CVE(s): CVE-2018-3180, CVE-2018-3139 Affected product(s) and affected version(s): Rational Application Developer 9.0- 9.0.1.2 Rational Application ...read more