Arbitrary Script Injection Vulnerability in IBM Forms Experience Builder

Arbitrary Script Injection Vulnerability in IBM Forms Experience Builder

CVE-2016-0370 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an application that was built with this product.

Learn more about our Cis Benchmark Audit For Ibm I.