Description
|
|
IBM has acknowledged a vulnerability in IBM Cúram Social Program Management, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
For more information:
SA62077
(#5)
1) The application bundles a vulnerable version of CKEditor.
For more information:
SA60036
Note: IBM Cúram Social Program Management version 6.0.5.5a is not affected by this vulnerability.
The vulnerability is reported in versions 6.0.4.4 and 6.0.4.5.
|