IBM Robotic Process Automation for Cloud Pak 20.12.0 up to and including 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244075.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm robotic_process_automation |
||
ibm robotic_process_automation_as_a_service |
||
ibm robotic_process_automation_for_cloud_pak |