Multiple RSA Identity Governance and Lifecycle products suffer from remote file upload and cross site scripting vulnerabilities. Affected products include RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels, RSA Via Lifecycle and Governance version 7.0, all patch levels, and RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels. Continue reading...
