Medium Severity

Security Bulletin: Financial Transaction Manager for Corporate Payment Services is affected by a potential cross-site scripting (XSS) vulnerability (CVE-2018-15494)

IBM Financial Transaction Manager for Corporate Payment Services (FTM CPS) for Multi-Platform has addressed the following vulnerability. A potential cross-site scripting vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

Affected Products and Versions

CPS v3.0.2.0 – 3.0.2.1, v3.2.1.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/security-bulletin-financial-transaction-manager-corporate-payment-services-affected-potential-cross-site-scripting-xss-vulnerability-cve-2018-15494
