Cross-Site Scripting Vulnerability in IBM Algorithmics Algo One Risk Application
CVE-2016-0390

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Algo One
Vendor: CVE Published:; 15 May 2016

Summary

The vulnerability in IBM's Algorithmics Algo One Risk Application allows remote authenticated users to exploit cross-site scripting (XSS) vulnerabilities. By crafting a specific URL, attackers can inject arbitrary web scripts or HTML into the application, posing significant security risks to users and data integrity. Organizations using versions 4.9.1 to 5.1.0 should address this issue promptly to mitigate potential threats.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21981321

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 15, 2016
Vulnerability Reserved
Dec 8, 2015