CVE-2016-0229

CWE-79 — Cross-site Scripting (XSS)5 documents4 sources

Severity

6.1MEDIUM

EPSS

0.2%

top 54.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Marketing Platform

Timeline

PublishedJun 28

Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

▶NVDibm/marketing_platform34 versions+33

🔴Vulnerability Details

GHSA

GHSA-7jfv-mfhq-6jjv: Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8↗2022-05-17

▶

CVEList

CVE-2016-0229: Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8↗2016-06-28

▶

🕵️Threat Intelligence

Talos

Vulnerability Spotlight - McAfee ePolicy Orchestrator DataChannel Blind SQL Injection Vulnerability↗2017-02-02

▶