CVE-2016-3003 in Connectionsinfo

Zusammenfassung

von MITRE

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3006.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

09.03.2016

Veröffentlichung

26.09.2016

Moderieren

akzeptiert

Eintrag

VDB-92166

CPE

bereit

CWE

CWE-79 (bestätigt)

CVSS

5.4 (NVD)

EPSS

0.00199

KEV

nein

Aktivitäten

very low

Sektor

Insurance, Pharma, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-3003
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-3003
CVE Details	https://www.cvedetails.com/cve/CVE-2016-3003/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!