NVD

Id
18866  
Name
CVE-2016-2888  
Description
Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-0313 and CVE-2016-0350.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-07-07  
Modified Date
2016-07-08  
Seq
2016-2888  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
104726 18866 CVE-2016-2888 http://www-01.ibm.com/support/docview.wss?uid=swg21983147  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
2743 JVNDB-2016-003516 IBM Jazz Reporting Service の Report Builder および Data Collection Component におけるクロスサイトスクリプティングの脆弱性 IBM Jazz Reporting Service (JRS) の Report Builder および Data Collection Component (DCC) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2016-2888 89394 CVE-2016-2888 18866 4.3 5.4 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003516.html 2016-06-24 2016-07-13 View