Cross-Site Scripting (XSS) in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) in /sitecore/client/Applications/List Manager/Taskpages/Contact list

Cross-Site Scripting (XSS) in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) in /sitecore/client/Applications/List Manager/Taskpages/Contact list

CVE-2016-8855 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.

Learn more about our Contact.