Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21693329 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/99252 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2015-02-14T02:00:00
Updated: 2017-09-07T15:57:01
Reserved: 2014-11-14T00:00:00
Link: CVE-2014-8911
JSON object: View
NVD Information
Status : Modified
Published: 2015-02-14T02:59:32.707
Modified: 2017-09-08T01:29:30.527
Link: CVE-2014-8911
JSON object: View
Redhat Information
No data.
CWE