Vulnerability Description
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110604.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Curam Social Program Management | >= 6.0.4.0, <= 6.0.4.6 |
| Ibm | Care Management | 6.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21981103PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/110604VDB EntryVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21981103PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/110604VDB EntryVendor Advisory
FAQ
What is CVE-2016-0261?
CVE-2016-0261 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 bef...
How severe is CVE-2016-0261?
CVE-2016-0261 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-0261?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Curam Social Program Management, Ibm Care Management.