CVE-2016-8934
01.02.2017, 20:59
IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
| Vendor | Product | Version |
|---|---|---|
| ibm | websphere_application_server | 8.5.5.0 |
| ibm | websphere_application_server | 8.5.5.0 |
| ibm | websphere_application_server | 8.5.5.1 |
| ibm | websphere_application_server | 8.5.5.1 |
| ibm | websphere_application_server | 8.5.5.2 |
| ibm | websphere_application_server | 8.5.5.2 |
| ibm | websphere_application_server | 8.5.5.3 |
| ibm | websphere_application_server | 8.5.5.3 |
| ibm | websphere_application_server | 8.5.5.4 |
| ibm | websphere_application_server | 8.5.5.4 |
| ibm | websphere_application_server | 8.5.5.5 |
| ibm | websphere_application_server | 8.5.5.5 |
| ibm | websphere_application_server | 8.5.5.6 |
| ibm | websphere_application_server | 8.5.5.6 |
| ibm | websphere_application_server | 8.5.5.7 |
| ibm | websphere_application_server | 8.5.5.8 |
| ibm | websphere_application_server | 8.5.5.9 |
| ibm | websphere_application_server | 8.5.5.10 |
| ibm | websphere_application_server | 8.5.5.11 |
| ibm | websphere_application_server | 9.0.0.0 |
| ibm | websphere_application_server | 9.0.0.1 |
| ibm | websphere_application_server | 9.0.0.2 |
𝑥
= Vulnerable software versions