Abstract Advisory Information
Security issue affecting the product IBM CONTENT NAVIGATOR, the feature to add a document is vulnerable to Cross Site Scripting attack.
IBM Support Reference: 2002356
IBM Security Bulletin:
Authors: Dominique Righetto
Versions 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 3.0.0.
Common Vulnerability Scoring System
The vulnerability is fixed is the following VRMF (contact customer support center for the fix and instructions):
Vulnerability Disclosure Timeline
- 2017-04-13: Security note sent to IBM Product Security Incident Response Team about the vulnerability.
- 2017-04-13: Acknowledge from IBM Product Security Incident Response Team about reception of our note.
- 2017-04-25: Acknowledge from IBM Product Security Incident Response Team about the issue validity and start working on a fix (CVE ID created by IBM).
- 2017-05-24: Publishing of the security bulletin by IBM indicating the availability of patches.
- 2017-05-26: Publishing of the Security Advisory.