Cross-Site Scripting Vulnerability in IBM Emptoris Contract Management

CVE-2015-7398

What is CVE-2015-7398?

A cross-site scripting (XSS) vulnerability exists in IBM Emptoris Contract Management that allows remote authenticated users to inject arbitrary web scripts or HTML through specially crafted URLs. This issue affects specific versions of the product, posing significant risks if exploited.

References