CVE-2016-2862: Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows…

medium6.1CVSS 3.0

AVNACLPRNUIRSCCLILAN

Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected

27 ranges· showing 25

Vendor	Product	Version range	Fixed in
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—
ibm	websphere_commerce	—	—