Cross-Site Scripting Vulnerability in IBM TRIRIGA Application Platform
CVE-2016-6000

6.1MEDIUM

Key Information:

Vendor: IBM
Status: Tririga Application Platform
Vendor: CVE Published:; 1 February 2017

Summary

The IBM TRIRIGA Application Platform is susceptible to cross-site scripting, enabling attackers to inject arbitrary JavaScript into the Web interface. This flaw could be exploited to manipulate the functionality of the application, potentially resulting in the exposure of user credentials within a trusted session. This risk emphasizes the importance of securing web applications against code injection attacks to protect sensitive data.

Affected Version(s)

TRIRIGA Application Platform 3.2

TRIRIGA Application Platform 3.2.1

TRIRIGA Application Platform 3.1

References

http://www.securityfocus.com/bid/93603

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21991995

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Jun 29, 2016