Vulnerability Bulletins

IBM Security Bulletin: IBM Initiate Master Data Service, IBM InfoSphere Master Data Management Standard and Advanced Editions are affected by Cross Site Scripting vulnerabilities in IBM Dojo Toolkit (

System information
   
Affected software IBM

Description
IBM Web applications using file uploader services of IBM Dojo Toolkit might be subject to Cross Site Scripting vulnerability, caused by improper validation of user-supplied input. CVE(s): CVE-2014-8917 Affected product(s) and affected version(s): IBM InfoSphere MDM Reference Data Management Versions 11.4, 11.3, 11.0, 10.1. InfoSphere MDM Probabilistic Matching Engine for InfoSphere BigInsights Versions 11.0 and 11.3. InfoSphere Big Match for Hadoop version 11.4 InfoSphere Initiate

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_initiate_master_data_service_ibm_infosphere_master_data_management_standard_and_advanced_editions_are_affected_by_cross_site_scripting_vulnerabilities_in_ibm_dojo_toolkit

Standar resources
Property Value
CVE

Version history
Version Comments Date
1.0 Advisory issued 2015-04-16
Ministerio de Defensa
CNI
CCN
CCN-CERT