CVE-2016-6062Cross-site Scripting in Corporation Resilient

CWE-79Cross-site Scripting3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 53.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Corporation ResilientIBM Resilient
Timeline
PublishedFeb 16
Latest updateMay 17

Description

IBM Resilient v26.0, v26.1, and v26.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference#: 213457065.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDibm/resilient26.0, 26.1, 26.2+2
CVEListV5ibm_corporation/resilientv26.0, v26.1, v26.2+2

🔴Vulnerability Details

2
GHSA
GHSA-7cg9-j8m6-f49c: IBM Resilient v262022-05-17
CVEList
CVE-2016-6062: IBM Resilient v262017-02-16
CVE-2016-6062 — Cross-site Scripting | cvebase