CVE-2024-38318

Summary

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

Affected Software

VendorProductVersion RangeStatus
IBMAspera Shares1.9.0 <= 1.10.0 PL6affected

Weaknesses

  • CWE-80: CWE-80

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References