Описание
Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-2862
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR55049
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR55139
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR55141
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR55264
- http://www-01.ibm.com/support/docview.wss?uid=swg21983625
- http://www.securityfocus.com/bid/91533
- http://www.securitytracker.com/id/1036206
Связанные уязвимости
CVSS3: 6.1
nvd
больше 9 лет назад
Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 before 7.0.0.9 cumulative iFix 3, and 8.0 before 8.0.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.