CVE-2014-0968

IBM Infosphere Master Data Management Collaboration Server - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL for an MHTML document.

References (2)

Scores

EPSS 0.0017
EPSS Percentile 37.5%

Details

CWE
CWE-79
Status published
Products (6)
ibm/infosphere_master_data_management_collaboration_server
ibm/infosphere_master_data_management_collaboration_server
ibm/infosphere_master_data_management_collaboration_server
ibm/infosphere_master_data_management_server_for_product_information_management
ibm/infosphere_master_data_management_server_for_product_information_management
n/a/n/a
Published Jul 19, 2014
Tracked Since Feb 18, 2026