IBM Initiate Master Data Service 9.5 prior to 9.5.093013, 9.7 prior to 9.7.093013, 10.0 prior to 10.0.093013, and 10.1 prior to 10.1.093013 does not properly restrict use of FRAME elements, which allows remote malicious users to conduct phishing attacks, and bypass intended access restrictions or obtain sensitive information, via a crafted web site, related to a "frame injection" issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm initiate master data service 10.0 |
||
ibm initiate master data service 10.1 |
||
ibm initiate master data service 9.5 |
||
ibm initiate master data service 9.7 |