CVE
- Id
- 95755
- CVE No.
- CVE-2016-8935
- Status
- Candidate
- Description
- IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999483.
- Phase
- Assigned (20161025)
- Votes
- None (candidate not yet proposed)
- Comments