Cross-Site Scripting Vulnerability in IBM TRIRIGA Application Platform
CVE-2016-5980

5.4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
1 February 2017

Summary

The IBM TRIRIGA Application Platform has a vulnerability that permits cross-site scripting, enabling attackers to inject arbitrary JavaScript code into the web interface. This flaw can be exploited to manipulate the application's functionalities and potentially disclose users' credentials during a trusted session, posing significant security risks.

Affected Version(s)

TRIRIGA Application Platform 3.2

TRIRIGA Application Platform 3.2.1

TRIRIGA Application Platform 3.1

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.