ID CVE-2016-3048
Type cve
Reporter NVD
Modified 2017-11-16T11:57:04
Description
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114711.
{"reporter": "NVD", "viewCount": 1, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2017-11-17T11:27:13"}, "vulnersScore": 4.3}, "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "0661ba36e3a02bb93dd4dba899b690dd", "key": "cpe"}, {"hash": "632631cbca3fa366fe8ae8260535bb05", "key": "cvelist"}, {"hash": "d16a1892885a4cedfc7b1d4344ffb50d", "key": "cvss"}, {"hash": "a84f841dda341472aca2ec927b3a121c", "key": "description"}, {"hash": "69f1e76f63684df3491855491381cf1a", "key": "href"}, {"hash": "81d256f4e4be2f6e609efceb31124c54", "key": "modified"}, {"hash": "168ea5b7260ad585e7a39e37698892f9", "key": "published"}, {"hash": "494bc800a2790045b6abea485e536b8e", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "58977519ad0b57e5792a132108aed4f4", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "assessment": {"name": "", "system": "", "href": ""}, "type": "cve", "title": "CVE-2016-3048", "objectVersion": "1.3", "cvelist": ["CVE-2016-3048"], "bulletinFamily": "NVD", "cvss": {"score": 3.5, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:NONE/I:PARTIAL/A:NONE/"}, "references": ["http://www.ibm.com/support/docview.wss?uid=swg21997685", "http://www.securityfocus.com/bid/101660", "https://exchange.xforce.ibmcloud.com/vulnerabilities/114711"], "scanner": [], "modified": "2017-11-16T11:57:04", "description": "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114711.", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3048", "edition": 3, "history": [{"edition": 2, "bulletin": {"reporter": "NVD", "history": [], "enchantments": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3048", "assessment": {"name": "", "system": "", "href": ""}, "viewCount": 0, "hash": "51c1edf3c8546922d0c0b955d0011943ab064c261d1beffae4a27cc329bba963", "title": "CVE-2016-3048", "objectVersion": "1.3", "bulletinFamily": "NVD", "cvelist": ["CVE-2016-3048"], "cvss": {"score": 0.0, "vector": "NONE"}, "references": ["http://www.ibm.com/support/docview.wss?uid=swg21997685", "http://www.securityfocus.com/bid/101660", "https://exchange.xforce.ibmcloud.com/vulnerabilities/114711"], "type": "cve", "modified": "2017-11-03T21:29:18", "description": "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114711.", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "632631cbca3fa366fe8ae8260535bb05", "key": "cvelist"}, {"hash": "494bc800a2790045b6abea485e536b8e", "key": "references"}, {"hash": "2faf49b0ad1b721a4f5c24667b47483f", "key": "modified"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "69f1e76f63684df3491855491381cf1a", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a84f841dda341472aca2ec927b3a121c", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "168ea5b7260ad585e7a39e37698892f9", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "58977519ad0b57e5792a132108aed4f4", "key": "title"}], "edition": 2, "scanner": [], "id": "CVE-2016-3048", "cpe": [], "lastseen": "2017-11-04T10:53:27", "published": "2017-11-01T17:29:00"}, "lastseen": "2017-11-04T10:53:27", "differentElements": ["cvss", "modified", "cpe"]}, {"edition": 1, "bulletin": {"reporter": "NVD", "history": [], "enchantments": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3048", "assessment": {"name": "", "system": "", "href": ""}, "viewCount": 0, "hash": "9ca5ad794078d27f9bff235860449bd379ee8a53e35f1ee3bdf8a8b06c36765c", "title": "CVE-2016-3048", "objectVersion": "1.3", "bulletinFamily": "NVD", "cvelist": ["CVE-2016-3048"], "cvss": {"score": 0.0, "vector": "NONE"}, "references": ["http://www.ibm.com/support/docview.wss?uid=swg21997685", "https://exchange.xforce.ibmcloud.com/vulnerabilities/114711"], "type": "cve", "modified": "2017-11-01T17:29:00", "description": "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 114711.", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "632631cbca3fa366fe8ae8260535bb05", "key": "cvelist"}, {"hash": "2ded5a61be843ac929ee061e255bb8db", "key": "references"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "69f1e76f63684df3491855491381cf1a", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a84f841dda341472aca2ec927b3a121c", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "168ea5b7260ad585e7a39e37698892f9", "key": "published"}, {"hash": "168ea5b7260ad585e7a39e37698892f9", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "58977519ad0b57e5792a132108aed4f4", "key": "title"}], "edition": 1, "scanner": [], "id": "CVE-2016-3048", "cpe": [], "lastseen": "2017-11-02T10:51:42", "published": "2017-11-01T17:29:00"}, "lastseen": "2017-11-02T10:51:42", "differentElements": ["references", "modified"]}], "id": "CVE-2016-3048", "cpe": ["cpe:/a:ibm:openpages_grc_platform:7.2.0.0", "cpe:/a:ibm:openpages_grc_platform:7.1.0.1", "cpe:/a:ibm:openpages_grc_platform:7.1.0.3", "cpe:/a:ibm:openpages_grc_platform:7.2.0.2", "cpe:/a:ibm:openpages_grc_platform:7.2.0.3", "cpe:/a:ibm:openpages_grc_platform:7.2.0.1", "cpe:/a:ibm:openpages_grc_platform:7.1.0.0", "cpe:/a:ibm:openpages_grc_platform:7.3.0.0", "cpe:/a:ibm:openpages_grc_platform:7.1.0.2", "cpe:/a:ibm:openpages_grc_platform:7.2.0.4"], "lastseen": "2017-11-17T11:27:13", "hash": "9e3e39e49174eea44d6d64fbb3aa736443ac701662e2f75dff6a28bed3920f02", "published": "2017-11-01T17:29:00"}
{}