NVD

Id
16769  
Name
CVE-2016-0316  
Description
Cross-site scripting (XSS) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 and 6.0.2 before iFix003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-11-25  
Modified Date
2016-11-28  
Seq
2016-0316  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
93291 16769 CVE-2016-0316 http://www-01.ibm.com/support/docview.wss?uid=swg21983137  View
93292 16769 CVE-2016-0316 92472  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5243 JVNDB-2016-006016 IBM Jazz Reporting Service の Lifecycle Query Engine におけるクロスサイトスクリプティングの脆弱性 IBM Jazz Reporting Service の Lifecycle Query Engine (LQE) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2016-0316 86520 CVE-2016-0316 16769 3.5 5.4 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-006016.html 2016-08-12 2016-11-30 View