CVE-2016-3001
IBM Connections Web UI is affected by an XSS vulnerability (CVE-2016-3001) in versions 4.x up to 4.5 CR5, 5.0 before CR4, and 5.5 before CR1. The issue is caused by injecting arbitrary script/HTML via an embedded string. Impact: remote authenticated users can execute script in the context of a us...