CVE-2016-3003 in Connectionsजानकारी

सारांश

द्वारा MITRE

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3006.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

आरक्षित करना

09/03/2016

प्रकटीकरण

26/09/2016

संयम

स्वीकृत

प्रविष्टि

VDB-92166

CPE

तैयार

CWE

CWE-79 (पुष्टि की गई)

CVSS

5.4 (NVD)

EPSS

0.00199

KEV

नहीं

गतिविधियाँ

बहुत कम

क्षेत्र

Telecommunication, Insurance, ...

स्रोत

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-3003
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-3003
CVE Details	https://www.cvedetails.com/cve/CVE-2016-3003/

◂ पिछला सिंहावलोकन अगला ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!