CVE-2016-2979

CVE-2016-2979 : Multiple documents confirm a cross-site scripting vulnerability in IBM Sametime Meeting Server versions 8.5.2 and 9.0. The issue allows a user to embed arbitrary JavaScript into the Web UI, potentially altering functionality and enabling credentials disclosure within a trusted ses...