cbcvebase.
CVE-2017-1282
published 2017-05-22

CVE-2017-1282: IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…

medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124760.

Affected

6 ranges
VendorProductVersion rangeFixed in
ibmcontent_navigator
ibmcontent_navigator
ibmcontent_navigator
ibmcontent_navigator
ibmcontent_navigator
ibm_corporationcontent_navigator