Cross site scripting

2017-08-3114:29:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.9%

JSON

IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128172.

CPENameOperatorVersion
emptoris_sourcingeq9.5.1.0
emptoris_sourcingeq9.5.1.1
emptoris_sourcingeq9.5.1.2
emptoris_sourcingeq9.5
emptoris_sourcingeq10.0.0
emptoris_sourcingeq10.1.1
emptoris_sourcingeq10.0.2
emptoris_sourcingeq9.5.0.2
emptoris_sourcingeq10.1.3
emptoris_sourcingeq10.0.1

Name	Operator	Version
emptoris_sourcing	eq	9.5.1.0
emptoris_sourcing	eq	9.5.1.1
emptoris_sourcing	eq	9.5.1.2
emptoris_sourcing	eq	9.5
emptoris_sourcing	eq	10.0.0
emptoris_sourcing	eq	10.1.1
emptoris_sourcing	eq	10.0.2
emptoris_sourcing	eq	9.5.0.2
emptoris_sourcing	eq	10.1.3
emptoris_sourcing	eq	10.0.1