Mar 11, 2022

3 XSS vulnerabilities in IBM Security QRadar SOAR: Update immediately

Posted by in category: cybercrime/malcode

Cybersecurity specialists reported the detection of multiple vulnerabilities in IBM Security QRadar SOAR. According to the report, successful exploitation of these flaws would allow the deployment of severe attack scenarios.

Below are brief descriptions of the reported flaws, in addition to their tracking keys and scorings assigned according to the Common Vulnerability Scoring System (CVSS).

CVE-2021–41182: The insufficient sanitization of values passed as the ‘altField‘ option of the Datepicker widget would allow remote attackers to inject and run arbitrary JavaScript code in affected users’ browsers.

Leave a reply