CVE-2015-5008

Опубликовано: 18 янв. 2016

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through FP11, 6.0 Feature Pack 4, 7.0 through FP9, 7.0 Feature Pack 5 through 8, and 8.0 before 8.0.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_commerce:6.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:6.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_5:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_6:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_7:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_8:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:7.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_commerce:8.0.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00654

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-qm8g-43f9-rmgw