Medium severity6.1NVD Advisory· Published Jul 13, 2018· Updated Jun 17, 2026
CVE-2018-1255
CVE-2018-1255
Description
RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.
Affected products
2<=7.1.0 AND >=7.0.1+ 1 more
- (no CPE)range: <=7.1.0 AND >=7.0.1
- (no CPE)range: version 7.0.1, all patch levels
Patches
Vulnerability mechanics
References
2- seclists.org/fulldisclosure/2018/Jul/46nvdMailing ListThird Party Advisory
- www.securitytracker.com/id/1041287nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.