Vulnerability Description
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Content Navigator | 2.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21693329Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99252
- http://www-01.ibm.com/support/docview.wss?uid=swg21693329Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99252
FAQ
What is CVE-2014-8911?
CVE-2014-8911 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HT...
How severe is CVE-2014-8911?
CVE-2014-8911 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8911?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Content Navigator.