Watson Marketing Ideas

Submit new product ideas for Campaign, Interact, Marketing Operations, Marketing Platform, Campaign Managed Hosted, interact Managed Hosted, Marketing Operations Managed Hosted, Digital Analytics, Tealeaf, Universal Behavior Exchange, Watson Customer Experience Analytics, Watson Marketing Insights, Watson Content Hub, Web Content Manager and WebSphere Portal solutions. Before you submit, please review existing ideas; if an idea close to yours already exists, it's better to add comments or vote on the existing idea. We will review your ideas and use them to help prioritize our product development. Best of all, the portal will automatically update you when the status of your idea has been changed.

Connect with your peers and IBM experts on the Watson Marketing and Commerce Community

Submit ideas for other Watson Customer Engagement Products:

•  Watson Campaign Automation
Watson Commerce
Watson Supply Chain

Insecure E-mail sending function - possible security vulnerability

The Tealeaf app provides an E-mail function for users to send out the statistics results via E-mail. However, the application allows the emails to be sent out Citi to the external E-mail receivers. This behavior causes security concerns. The internal data collected in the Tealeaf app should be contained inside the Citi environment. The application should not allow the users to set up external email addresses http://<TeaLeaf Portal Serve>/Portal/SystemStats.aspx In Tealeaf System Statistics, a user can email the system information to an external email address, such as vatester1@primeon.com.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Apr 3 2018
  • Delivered
How will this idea be used?

To have TeaLeaf Engineering correct this security vulnerability.

What is your industry? Banking
What is the idea priority? High
DeveloperWorks ID
RTC ID
Link to original RFE
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    April 05, 2018 17:49

    Hi - we're currently reviewing your RFE with Engineering and will provide updates as soon as possible

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    July 31, 2018 21:50

    Agreed - this is indeed a security vulnerability for sending out stats, reports, etc.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    September 25, 2018 20:35

    Great ask! This is targeted/planned for a future release.