CVE-2016-0322

medium

Description

Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 through CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML by uploading an HTML document.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21982611

http://www-01.ibm.com/support/docview.wss?uid=swg1LO88783

Details

Source: Mitre, NVD

Published: 2016-06-30

Updated: 2026-05-06

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00168