CVE-2022-38709
CVSS Score
6.1
EPSS Score
0.0%
EPSS Percentile
0th
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 234291.
| Vendor | ibm |
| Product | robotic process automation |
| Published | Oct 6, 2022 |
| Last Updated | Sep 17, 2024 |
Stay Ahead of the Next One
Get instant alerts for ibm robotic process automation
Be the first to know when new medium vulnerabilities affecting ibm robotic process automation are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.0/A:N/PR:N/UI:R/S:C/I:L/C:L/AC:L/AV:N/RC:C/RL:O/E:H Affected Versions
IBM / Robotic Process Automation
21.0.0 21.0.1 21.0.2 21.0.3