CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-1682

IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134004.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.2%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

http://www.ibm.com/support/docview.wss?uid=swg22012900
https://exchange.xforce.ibmcloud.com/vulnerabilities/134004
http://www.ibm.com/support/docview.wss?uid=swg22012900
https://exchange.xforce.ibmcloud.com/vulnerabilities/134004

Products affected by CVE-2017-1682

Ibm » Connections » Version: 4.0

cpe:2.3:a:ibm:connections:4.0
Ibm » Connections » Version: 4.5

cpe:2.3:a:ibm:connections:4.5
Ibm » Connections » Version: 5.0

cpe:2.3:a:ibm:connections:5.0
Ibm » Connections » Version: 5.5

cpe:2.3:a:ibm:connections:5.5
Ibm » Connections » Version: 6.0

cpe:2.3:a:ibm:connections:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1682

Products

Pricing

Contact Us