CVE-2016-2955

Cross-site scripting (XSS) vulnerability in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
Link Resource
http://www.securityfocus.com/bid/92544 Third Party Advisory VDB Entry
http://www-01.ibm.com/support/docview.wss?uid=swg21988531 Patch Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:connections:5.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:connections:5.0.0.0:*:*:*:*:*:*:*

Information

Published : 2016-12-01 03:59

Updated : 2016-12-01 07:16


NVD link : CVE-2016-2955

Mitre link : CVE-2016-2955


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

ibm

  • connections