CVE-2017-1160

Summary

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 122892.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationFinancial Transaction Manager3.0.0.0affected
IBM CorporationFinancial Transaction Manager3.0.0.1affected
IBM CorporationFinancial Transaction Manager3.0.0.2affected
IBM CorporationFinancial Transaction Manager3.0.0.3affected
IBM CorporationFinancial Transaction Manager3.0.0.4affected
IBM CorporationFinancial Transaction Manager3.0.0.5affected
IBM CorporationFinancial Transaction Manager3.0.0.6affected
IBM CorporationFinancial Transaction Manager3.0.0.7affected
IBM CorporationFinancial Transaction Manager3.0.0.8affected
IBM CorporationFinancial Transaction Manager3.0.0.9affected
IBM CorporationFinancial Transaction Manager3.0.0.10affected
IBM CorporationFinancial Transaction Manager3.0.0.11affected
IBM CorporationFinancial Transaction Manager3.0.0.12affected
IBM CorporationFinancial Transaction Manager3.0.0.13affected
IBM CorporationFinancial Transaction Manager3.0.0.14affected
IBM CorporationFinancial Transaction Manager3.0.0.15affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References