Cross site scripting

2014-08-2614:55:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.8%

JSON

Cross-site scripting (XSS) vulnerability in IBM Emptoris Contract Management 9.5.x before 9.5.0.6 iFix 10, 10.0.0.x before 10.0.0.1 iFix 10, 10.0.1.x before 10.0.1.4, and 10.0.2.x before 10.0.2.2 iFix 2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CPENameOperatorVersion
emptoris_contract_managementeq9.5.0.5
emptoris_contract_managementeq10.0.1.1
emptoris_contract_managementeq9.5.0.6
emptoris_contract_managementeq10.0.1.3
emptoris_contract_managementeq10.0.2.1
emptoris_contract_managementeq9.5.0.4
emptoris_contract_managementeq10.0.2.2
emptoris_contract_managementeq9.5.0.2
emptoris_contract_managementeq10.0.1.0
emptoris_contract_managementeq10.0.0.0

Name	Operator	Version
emptoris_contract_management	eq	9.5.0.5
emptoris_contract_management	eq	10.0.1.1
emptoris_contract_management	eq	9.5.0.6
emptoris_contract_management	eq	10.0.1.3
emptoris_contract_management	eq	10.0.2.1
emptoris_contract_management	eq	9.5.0.4
emptoris_contract_management	eq	10.0.2.2
emptoris_contract_management	eq	9.5.0.2
emptoris_contract_management	eq	10.0.1.0
emptoris_contract_management	eq	10.0.0.0