CVE-2016-3003 in Connectionsinformação

Sumário

de MITRE

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string, a different vulnerability than CVE-2016-3001 and CVE-2016-3006.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

09/03/2016

Divulgação

26/09/2016

Moderação

aceite

Entrada

VDB-92166

CPE

pronto

CWE

CWE-79 (confirmado)

CVSS

5.4 (NVD)

EPSS

0.00199

KEV

não

Atividades

muito baixo

Sector

Energy, Lawfirm, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-3003
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-3003
CVE Details	https://www.cvedetails.com/cve/CVE-2016-3003/

◂ Voltar Visão Geral Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!