CVE-2016-0316

2016-11-25T15:59:00
ID CVE-2016-0316
Type cve
Reporter NVD
Modified 2016-11-28T18:38:13

Description

Cross-site scripting (XSS) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 and 6.0.2 before iFix003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.