CVE-2016-9979

CVE-2016-9979 affects IBM Cúram Social Program Management. The issue is cross-site scripting caused by improper validation of user-supplied input, allowing an attacker to embed arbitrary JavaScript in the Web UI and potentially disclose credentials within a trusted session. Affected versions incl...