Lucene search

PRIOn knowledge basePRION:CVE-2015-4939

HistoryOct 06, 2015 - 1:59 a.m.

Cross site scripting

2015-10-0601:59:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

50.8%

JSON

Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris Program Management 10.x before 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x before 10.0.3.2, and 10.0.4.x before 10.0.4.0_iFix1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CPENameOperatorVersion
emptoris_program_managementeq10.0.2.4
emptoris_program_managementeq10.0.1.3
emptoris_program_managementeq10.0.2.3
emptoris_program_managementeq10.0.2.6
emptoris_program_managementeq10.0.1.1
emptoris_program_managementeq10.0.0.2
emptoris_program_managementeq10.0.0.1
emptoris_program_managementeq10.0.1.4
emptoris_program_managementeq10.0.1.2
emptoris_program_managementeq10.0.2.2

Name	Operator	Version
emptoris_program_management	eq	10.0.2.4
emptoris_program_management	eq	10.0.1.3
emptoris_program_management	eq	10.0.2.3
emptoris_program_management	eq	10.0.2.6
emptoris_program_management	eq	10.0.1.1
emptoris_program_management	eq	10.0.0.2
emptoris_program_management	eq	10.0.0.1
emptoris_program_management	eq	10.0.1.4
emptoris_program_management	eq	10.0.1.2
emptoris_program_management	eq	10.0.2.2

Rows per page:

1-10 of 461

References

www-01.ibm.com/support/docview.wss?uid=swg21966754

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

50.8%

JSON

Related for PRION:CVE-2015-4939