CVE-2016-6118
IBM Emptoris Supplier Lifecycle Management 10.1.0.x is affected by a Cross-Site Scripting vulnerability (CVE-2016-6118). The issue allows an attacker to inject arbitrary JavaScript into the Web UI, potentially altering functionality and leading to credential exposure within a trusted session. Thi...