IBM CICS TX Standard Reflected XSS and CSRF Vulnerability (CVE-2024-41745)

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Name: IBM CICS TX Standard is vulnerable to Cross-site Scripting (Reflected) and Cross-Site Request Forgery (CSRF). 2. CVE ID: CVE-2024-41745 3. Description: - IBM CICS TX is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, thereby altering the intended functionality and potentially leading to credential disclosure within a trusted session. 4. CWE ID: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 5. Affected Products and Versions: - IBM CICS TX Standard 11.1 6. Remediation Recommendation: - IBM strongly recommends addressing the vulnerability immediately by updating IBM CICS TX Standard. 7. Reference Links: - Complete CVSS v3 Guide - On-line Calculator v3 - IBM Secure Engineering Web Portal - IBM Product Security Incident Response Blog 8. Disclaimer: - IBM provides the CVSS scores "AS IS" without any warranty, including implied warranties of merchantability or fitness for a particular purpose. Customers are responsible for assessing the impact of any actual or potential security vulnerability. This information provides a detailed description of the vulnerability, affected products and versions, remediation recommendations, and relevant reference links.

Goal Reached Thanks to every supporter — we hit 100%!

IBM CICS TX Standard Reflected XSS and CSRF Vulnerability (CVE-2024-41745)