Cross-Site Scripting Vulnerability in IBM TRIRIGA Application Platform
CVE-2016-5980
5.4MEDIUM
Summary
The IBM TRIRIGA Application Platform has a vulnerability that permits cross-site scripting, enabling attackers to inject arbitrary JavaScript code into the web interface. This flaw can be exploited to manipulate the application's functionalities and potentially disclose users' credentials during a trusted session, posing significant security risks.
Affected Version(s)
TRIRIGA Application Platform 3.2
TRIRIGA Application Platform 3.2.1
TRIRIGA Application Platform 3.1
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved