Cross-Site Scripting Vulnerability in IBM Resilient
CVE-2016-6062

6.1MEDIUM

Key Information:

Vendor: IBM
Status: Resilient
Vendor: CVE Published:; 16 February 2017

Summary

IBM Resilient versions 26.0, 26.1, and 26.2 contain a cross-site scripting vulnerability that allows malicious users to inject and execute arbitrary JavaScript code in the web interface. This can lead to unintended modifications of the application's functionality and potential exposure of sensitive user credentials during active sessions.

Affected Version(s)

Resilient v26.0

Resilient v26.1

Resilient v26.2

References

http://www.securityfocus.com/bid/94268

vdb-entryx_refsource_BID

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 16, 2017
Vulnerability Reserved
Jun 29, 2016