CVE-2015-0131

Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
Link Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21902807 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:leads:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:7.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:7.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:8.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:8.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:leads:9.1.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-06-28 22:59

Updated : 2024-02-28 15:21


NVD link : CVE-2015-0131

Mitre link : CVE-2015-0131

CVE.ORG link : CVE-2015-0131


JSON object : View

Products Affected

ibm

  • leads
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')