IBM BigFix Platform Multiple Security Vulnerabilities
IBM BigFix Platform is prone to the following multiple security vulnerabilities:
1. An open-redirection vulnerability
2. An information-disclosure vulnerability
3. A cross-site-scripting vulnerability.
4. A cross-site request-forgery vulnerability
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials, perform unauthorized actions or obtain sensitive information.
BigFix Platform Version 9.2.6 is vulnerable; other versions may also be affected.