CVE-2016-0269Cross-site Scripting in IBM Bigfix Platform

CWE-79Cross-site Scripting5 documents5 sources
Severity
5.4MEDIUMNVD
EPSS
0.2%
top 61.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Bigfix Platform
Timeline
PublishedJul 15
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages1 packages

NVDibm/bigfix_platform16 versions+15

🔴Vulnerability Details

2
GHSA
GHSA-qcph-fp7c-c532: Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 92022-05-17
CVEList
CVE-2016-0269: Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 92016-07-15

💬Community

1
Bugzilla
CVE-2016-5824 libical: Multiple use-after-free vulnerabilities2016-09-12
CVE-2016-0269 — Cross-site Scripting in IBM | cvebase