CVE-2020-4774

An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to obtain unauthorized access or reveal sensitive information such as XML document structure and content. IBM X-Force ID: 189152.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:curam_social_program_management:7.0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:curam_social_program_management:7.0.10.0:*:*:*:*:*:*:*

Information

Published : 2020-10-12 06:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-4774

Mitre link : CVE-2020-4774


JSON object : View

CWE
CWE-91

XML Injection (aka Blind XPath Injection)

Advertisement

dedicated server usa

Products Affected

ibm

  • curam_social_program_management