CVE-2016-0209

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

6.1MEDIUM

EPSS

0.3%

top 49.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Portal

Timeline

PublishedJan 27

Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF09 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

▶NVDibm/websphere_portal8.5.0.0

🔴Vulnerability Details

GHSA

GHSA-fqf5-jrw8-gjvc: Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8↗2022-05-17

▶

CVEList

CVE-2016-0209: Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8↗2016-01-27

▶