CVE-2024-39727
MEDIUMDescription
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | engineering_lifecycle_optimization_-_engineering_insights |
| ibm | engineering_lifecycle_optimization_-_engineering_insights |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-39727? +
How severe is CVE-2024-39727? +
What products are affected by CVE-2024-39727? +
How do I check if I'm vulnerable to CVE-2024-39727? +
Related Vulnerabilities
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link …
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to version 4.4.8, …
SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate external navigation protections for its link (<a>) elements. …
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability …
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this …
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of …