CVE

Id
95755  
CVE No.
CVE-2016-8935  
Status
Candidate  
Description
IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999483.  
Phase
Assigned (20161025)  
Votes
None (candidate not yet proposed)  
Comments