CVE-2016-8936

Summary

IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationWebSphere Portal5.1.0.0affected
IBM CorporationWebSphere Portal5.1.0.1affected
IBM CorporationWebSphere Portal5.1.0.2affected
IBM CorporationWebSphere Portal5.1.0.3affected
IBM CorporationWebSphere Portal5.1.0.4affected
IBM CorporationWebSphere Portal5.1.0.5affected
IBM CorporationWebSphere Portal6.0.0.0affected
IBM CorporationWebSphere Portal6.0.0.1affected
IBM CorporationWebSphere Portal6.0.1.1affected
IBM CorporationWebSphere Portal6.0.1.3affected
IBM CorporationWebSphere Portal6.1.0.0affected
IBM CorporationWebSphere Portal6.0.1.5affected
IBM CorporationWebSphere Portal6.0.1.2affected
IBM CorporationWebSphere Portal6.0.1.4affected
IBM CorporationWebSphere Portal6.1.0.1affected
IBM CorporationWebSphere Portal6.1.0.2affected
IBM CorporationWebSphere Portal6.1.0.3affected
IBM CorporationWebSphere Portal6.0.1.5 build wp6015_008_01affected
IBM CorporationWebSphere Portal6.0.0.2affected
IBM CorporationWebSphere Portal6.0.0.3affected
IBM CorporationWebSphere Portal6.0.0.4affected
IBM CorporationWebSphere Portal6.0.1.0affected
IBM CorporationWebSphere Portal6.0.1.6affected
IBM CorporationWebSphere Portal6.0.1.7affected
IBM CorporationWebSphere Portal6.1.5.0affected
IBM CorporationWebSphere Portal7.0affected
IBM CorporationWebSphere Portal7.0.0.1affected
IBM CorporationWebSphere Portal8.0affected
IBM CorporationWebSphere Portal1.0affected
IBM CorporationWebSphere Portal8.0.0.1affected
IBM CorporationWebSphere Portal7.0.0.2affected
IBM CorporationWebSphere Portal6.1.0.4affected
IBM CorporationWebSphere Portal6.1.0.5affected
IBM CorporationWebSphere Portal6.1.0.6affected
IBM CorporationWebSphere Portal6.1.5.1affected
IBM CorporationWebSphere Portal6.1.5.2affected
IBM CorporationWebSphere Portal6.1.5.3affected
IBM CorporationWebSphere Portal8affected
IBM CorporationWebSphere Portal7affected
IBM CorporationWebSphere Portal6.1.5affected
IBM CorporationWebSphere Portal6.1.0affected
IBM CorporationWebSphere Portal6.0.1affected
IBM CorporationWebSphere Portal6.0.0affected
IBM CorporationWebSphere Portal8.5affected
IBM CorporationWebSphere Portal6.1affected
IBM CorporationWebSphere Portal6.0affected
IBM CorporationWebSphere Portal8.5.0affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References