Medium Severity

Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential Cross-Site Scripting (Reflected) vulnerability (CVE-2020-4560)

Share this post:

This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6255190

More stories

Security Bulletin: IBM Event Streams affected by multiple vulnerabilities in OpenSSL package

Aug 10, 2020 8:00 pm EDT | Medium Severity

IBM Event Streams affected by vulnerabilities in OpenSSL package ...read more


Security Bulletin: JQuery as used by IBM QRadar Network Packet Capture is vulnerable to Cross Site Scripting (XSS) (CVE-2020-11023, CVE-2020-11022)

Aug 10, 2020 8:00 pm EDT | Medium Severity

JQuery as used by IBM QRadar Network Packet Capture is vulnerable to Cross Site Scripting (XSS) ...read more


Security Bulletin: IBM Event Streams is affected by a vulnerability in Apache Commons Compress (CVE-2019-12402)

Aug 10, 2020 8:00 pm EDT | Medium Severity

Vulnerability in Apache Commons Compress exposed within IBM Event Streams ...read more