CVE-2024-45642

Summary

IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected Software

VendorProductVersion RangeStatus
IBMSecurity ReaQta3.12affected

Weaknesses

  • CWE-942: CWE-942 Overly Permissive Cross-domain Whitelist

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References