CVE-2016-5975 Information
Feb 14, 2021
cve
Description
Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10 8.8 before 8.8.0.9049 FP9 9.0.0 and 9.0.1 before 9.0.1.1117 FP5 9.0.1A before 9.0.1.5108_9.0.1A FP5 9.0.2 before 9.0.2.1223 FP3 and 9.0.2A before 9.0.2.5224_9.0.2A FP3 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string a different vulnerability than CVE-2016-5978.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Reference
http://www.securityfocus.com/bid/93135 http://www-01.ibm.com/support/docview.wss?uid=swg21990216
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
5.4
Share on: