Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2995, CVE-2016-2997, and CVE-2016-3005.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg1LO89929 | Not Applicable |
http://www-01.ibm.com/support/docview.wss?uid=swg21988991 | Vendor Advisory Patch |
http://www.securityfocus.com/bid/92583 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2016-09-01T10:00:00
Updated: 2016-11-25T19:57:01
Reserved: 2016-03-09T00:00:00
Link: CVE-2016-3010
JSON object: View
NVD Information
Status : Modified
Published: 2016-09-01T10:59:09.343
Modified: 2016-11-28T20:05:56.590
Link: CVE-2016-3010
JSON object: View
Redhat Information
No data.
CWE