Search...

CVE-2015-0195

2015-10-03T18:59:07

ID CVE-2015-0195
Type cve
Reporter NVD
Modified 2015-10-05T15:44:37

Description

Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

JSON Vulners Source

Initial Source

{"reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 4.3}, "vulnersScore": 4.3}, "published": "2015-10-03T18:59:07", "cvelist": ["CVE-2015-0195"], "title": "CVE-2015-0195", "objectVersion": "1.2", "type": "cve", "hash": "a0e45ead4a5e4b03c6b882f95765a67ba48ed585806c19f75a91d2a374b4a253", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0195", "bulletinFamily": "NVD", "id": "CVE-2015-0195", "history": [], "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "modified": "2015-10-05T15:44:37", "viewCount": 0, "cpe": ["cpe:/a:ibm:content_template_catalog:4.3", "cpe:/a:ibm:content_template_catalog:4.1.3"], "edition": 1, "description": "Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSphere Portal 8.0.x and 4.x before 4.3.1 for WebSphere Portal 8.5.x allows remote attackers to inject arbitrary web script or HTML via a crafted URL.", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg21958969"], "lastseen": "2016-09-03T21:50:57", "assessment": {"system": "", "name": "", "href": ""}}