Lucene search
HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-4999
cve-2009-4999
cross-site scripting
xss
ibm filenet
p8ae
workplace component
nvd
security vulnerability
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.9%
Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script or HTML via the Name field.
Affected configurations
Node
ibmfilenet_p8_application_engineMatch3.5.1
ORibmfilenet_p8_application_engineMatch3.5.1001
ORibmfilenet_p8_application_engineMatch3.5.1002
ORibmfilenet_p8_application_engineMatch3.5.1003
ORibmfilenet_p8_application_engineMatch3.5.1004
ORibmfilenet_p8_application_engineMatch3.5.1005
ORibmfilenet_p8_application_engineMatch3.5.1006
ORibmfilenet_p8_application_engineMatch3.5.1007
ORibmfilenet_p8_application_engineMatch3.5.1008
ORibmfilenet_p8_application_engineMatch3.5.1009
ORibmfilenet_p8_application_engineMatch3.5.1010
ORibmfilenet_p8_application_engineMatch3.5.1011
ORibmfilenet_p8_application_engineMatch3.5.1012
ORibmfilenet_p8_application_engineMatch3.5.1013
ORibmfilenet_p8_application_engineMatch3.5.1014
ORibmfilenet_p8_application_engineMatch3.5.1015
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:filenet_p8_application_engine | ibm filenet p8 application engine | eq | 3.5.1 |
Related
prion
prion
Cross site scripting
2010-09-20 22:00:00
cvelist
cvelist
CVE-2009-4999
2022-10-03 16:24:04
nvd
nvd
CVE-2009-4999
2010-09-20 22:00:03
5.7 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.9%
Related for CVE-2009-4999