CVE-2016-2934

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

6.1MEDIUM

EPSS

0.3%

top 50.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Bigfix Remote Control

Timeline

PublishedNov 30

Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

▶NVDibm/bigfix_remote_control9.1.2

🔴Vulnerability Details

GHSA

GHSA-3jpv-v5qf-r957: Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9↗2022-05-17

▶

CVEList

CVE-2016-2934: Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9↗2016-11-30

▶