Lucene search
IbmCVELIST:CVE-2016-9704HistoryFeb 01, 2017 - 10:00 p.m.
CVE-2016-9704
2017-02-0122:00:00
ibm
www.cve.org
0.001 Low
EPSS
Percentile
44.1%
IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CNA Affected
[
{
"product": "Identity Manager",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "6"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7"
}
]
}
]Related
cve
cve
CVE-2016-9704
2017-02-01 22:59:01
nvd
nvd
CVE-2016-9704
2017-02-01 22:59:01
prion
prion
Cross site scripting
2017-02-01 22:59:00