Back to search
CVE-2017-1115
Published: Sep 7, 2018
Modified: Sep 16, 2024
PUBLISHED
CVSS v3.0
5.4
MEDIUM
Description
IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 121153.
| Vendor | Product | Versions |
|---|---|---|
IBM | Campaign | affected 9.1affected 9.1.2affected 10 |
CVSS v3.0 Details
CVSS v3.0 Vector
CVSS:3.0/A:N/AC:L/AV:N/C:L/I:L/PR:L/S:C/UI:R/E:U/RC:C/RL:O
Availability
None
Attack Complexity
Low
Attack Vector
Network
Confidentiality
Low
Integrity
Low
Privileges Required
Low
Scope
Changed
User Interaction
Required
References
ibm-campaign-cve20171115-html-injection(121153)
vdb-entry
x_refsource_XF
https://www.ibm.com/support/docview.wss?uid=ibm10729769
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now