Cybersecurity specialists reported the detection of multiple vulnerabilities in IBM Security QRadar SOAR. According to the report, successful exploitation of these flaws would allow the deployment of severe attack scenarios.
Below are brief descriptions of the reported flaws, in addition to their tracking keys and scorings assigned according to the Common Vulnerability Scoring System (CVSS).
CVE-2021–41182: The insufficient sanitization of values passed as the ‘altField‘ option of the Datepicker widget would allow remote attackers to inject and run arbitrary JavaScript code in affected users’ browsers.
Comments are closed.