IBM Security Bulletin: IBM MQ Appliance is affected by a UI message injection vulnerability (CVE-2018-1666)

Related Vulnerabilities: CVE-2018-1666  

IBM MQ Appliance has addressed the following UI message injection vulnerability.

Share this post:

IBM MQ Appliance has addressed the following UI message injection vulnerability.

CVE(s): CVE-2018-1666

Affected product(s) and affected version(s):

IBM MQ Appliance 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.11

IBM MQ Appliance 9.1 Long Term Support (LTS) Release

Maintenance levels between 9.1.0.0 and 9.1.0.1

IBM MQ Appliance 9.1.x Continuous Delivery (CD) Release
Continuous delivery updates 9.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10739241
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/144892