Arbitrary Web Script Injection Vulnerability in IBM Content Navigator

Arbitrary Web Script Injection Vulnerability in IBM Content Navigator

CVE-2015-1888 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before 2.0.2-ICN-FP007 and 2.0.3 before 2.0.3-ICN-FP003, as used in Content Manager, FileNet Content Manager, Content Foundation, Content Manager OnDemand, and other products, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Learn more about our Cis Benchmark Audit For Ibm I.