BMC Remedy Mid Tier Stored HTML Injection Vulnerability

Vulnerability

A stored HTML injection vulnerability has been identified in BMC Remedy Mid Tier version 7.6.04. This issue allows authenticated remote attackers to inject HTML that is stored and potentially executed within the application.

Impact

Exploitation of this vulnerability allows for stored HTML injection, where injected HTML can be executed in the context of the user.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.3

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BMC Remedy Mid Tier Stored HTML Injection Vulnerability

Vulnerability

Impact

Affected Products

BMC Remedy Mid Tier

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating