CVE-2014-8911

2015-02-1402:00:00

ibm

www.cve.org

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.3%

JSON

Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header.

References

www-01.ibm.com/support/docview.wss?uid=swg21693329

exchange.xforce.ibmcloud.com/vulnerabilities/99252