3.5
CVSSv2

CVE-2016-0280

Published: 08/08/2016 Updated: 01/09/2017
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 prior to 9.1.2.0, Information Server Framework and InfoSphere Information Governance Catalog 11.3 prior to 11.3.1.2, and Information Server Framework and InfoSphere Information Governance Catalog 11.5 prior to 11.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.