What is the severity of CVE-2016-0244?

CVE-2016-0244 is classified as a medium severity cross-site scripting (XSS) vulnerability.

How do I fix CVE-2016-0244?

To fix CVE-2016-0244, upgrade your IBM WebSphere Portal to a version without this vulnerability, specifically versions 6.1.0.7, 6.1.5.4 or later, or 7.0.0.3 or later.

What versions are affected by CVE-2016-0244?

CVE-2016-0244 affects IBM WebSphere Portal versions 6.1.0.x through 6.1.0.6, 6.1.5.x through 6.1.5.3, 7.x through 7.0.0.2, and versions prior to 8.0.0.1 or 8.5.0.0.

Can CVE-2016-0244 be exploited remotely?

Yes, CVE-2016-0244 can be exploited remotely by attackers through crafted URLs.

What is the impact of CVE-2016-0244?

The impact of CVE-2016-0244 allows attackers to inject arbitrary web scripts or HTML into affected IBM WebSphere Portal instances.

Vulnerability/
CVE-2016-0244

medium

6.1

CWE

29/2/2016

5/8/2024

CVE-2016-0244: XSS

First published: Mon Feb 29 2016(Updated: )

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-0243.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Portal	=6.1.0.0
IBM WebSphere Portal	=6.1.0.1
IBM WebSphere Portal	=6.1.0.2
IBM WebSphere Portal	=6.1.0.3
IBM WebSphere Portal	=6.1.0.4
IBM WebSphere Portal	=6.1.0.5
IBM WebSphere Portal	=6.1.0.6
IBM WebSphere Portal	=6.1.5.0
IBM WebSphere Portal	=6.1.5.1
IBM WebSphere Portal	=6.1.5.2
IBM WebSphere Portal	=6.1.5.3
IBM WebSphere Portal	=7.0.0.0
IBM WebSphere Portal	=7.0.0.1
IBM WebSphere Portal	=7.0.0.2
IBM WebSphere Portal	=8.0.0.0
IBM WebSphere Portal	=8.0.0.1
IBM WebSphere Portal	=8.5.0.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-0244?
CVE-2016-0244 is classified as a medium severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2016-0244?
To fix CVE-2016-0244, upgrade your IBM WebSphere Portal to a version without this vulnerability, specifically versions 6.1.0.7, 6.1.5.4 or later, or 7.0.0.3 or later.
What versions are affected by CVE-2016-0244?
CVE-2016-0244 affects IBM WebSphere Portal versions 6.1.0.x through 6.1.0.6, 6.1.5.x through 6.1.5.3, 7.x through 7.0.0.2, and versions prior to 8.0.0.1 or 8.5.0.0.
Can CVE-2016-0244 be exploited remotely?
Yes, CVE-2016-0244 can be exploited remotely by attackers through crafted URLs.
What is the impact of CVE-2016-0244?
The impact of CVE-2016-0244 allows attackers to inject arbitrary web scripts or HTML into affected IBM WebSphere Portal instances.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere portal
version/ibm websphere portal/6.1.0.0
version/ibm websphere portal/6.1.0.1
version/ibm websphere portal/6.1.0.2
version/ibm websphere portal/6.1.0.3
version/ibm websphere portal/6.1.0.4
version/ibm websphere portal/6.1.0.5
version/ibm websphere portal/6.1.0.6
version/ibm websphere portal/6.1.5.0
version/ibm websphere portal/6.1.5.1
version/ibm websphere portal/6.1.5.2
version/ibm websphere portal/6.1.5.3
version/ibm websphere portal/7.0.0.0
version/ibm websphere portal/7.0.0.1
version/ibm websphere portal/7.0.0.2
version/ibm websphere portal/8.0.0.0
version/ibm websphere portal/8.0.0.1
version/ibm websphere portal/8.5.0.0