Vulnerability Details CVE-2016-5984
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct clickjacking or other client-side browser attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2016-5984
-
cpe:2.3:a:ibm:infosphere_information_server:11.3
-
cpe:2.3:a:ibm:infosphere_information_server:11.5
-
cpe:2.3:a:ibm:infosphere_information_server:8.7
-
cpe:2.3:a:ibm:infosphere_information_server:9.1
-
cpe:2.3:a:ibm:infosphere_information_server_on_cloud:11.5