Intrusion Prevention

IBM.InfoSphere.Data.Architect.XSS

Description

This indicates an attack attempt against a Cross-Site Scripting (XSS) vulnerability in IBM InfoSphere Data Architect.
InfoSphere Data Architect is a collaborative data design solution. This vulnerability is caused by improper validation of user-supplied input. A remote attacker may be able to exploit it to execute arbitrary script code within the context of the site via a malicious URL.

Affected Products

IBM InfoSphere Data Architect Version 9.1.3.0

Impact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.

Recommended Actions

Apply the latest update from the vendor.
http://www-01.ibm.com/support/docview.wss?uid=swg21972909

CVE References

CVE-2015-7439