Open Redirect Vulnerability in IBM Emptoris Sourcing
CVE-2016-8953

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Emptoris Sourcing
Vendor: CVE Published:; 12 July 2017

What is CVE-2016-8953?

IBM Emptoris Sourcing versions 9.5.x through 10.1.x are susceptible to an open redirect vulnerability. This flaw enables remote attackers to execute phishing attacks by enticing users to visit a crafted URL. By exploiting this vulnerability, an attacker can spoof the visible URL, redirecting users to a malicious site that appears legitimate. This may lead to the exposure of sensitive information or facilitate further malicious actions against the targeted users. For more details, refer to IBM X-Force ID: 118840.