What is the severity of CVE-2016-5980?

CVE-2016-5980 has been assigned a medium severity rating.

How do I fix CVE-2016-5980?

To fix CVE-2016-5980, upgrade to the latest version of IBM TRIRIGA Application Platform that has addressed this vulnerability.

What versions of IBM TRIRIGA Application Platform are affected by CVE-2016-5980?

CVE-2016-5980 affects IBM TRIRIGA Application Platform versions 3.3.0.0 to 3.5.1.1.

Can CVE-2016-5980 lead to credential disclosure?

Yes, CVE-2016-5980 can potentially lead to credential disclosure within a trusted session due to cross-site scripting.

Is CVE-2016-5980 a cross-site scripting vulnerability?

Yes, CVE-2016-5980 is a cross-site scripting (XSS) vulnerability allowing the injection of arbitrary JavaScript code.

Vulnerability/
CVE-2016-5980

medium

5.4

CWE

1/2/2017

6/8/2024

CVE-2016-5980: XSS

First published: Wed Feb 01 2017(Updated: )

IBM TRIRIGA Application Platform is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM TRIRIGA Application Platform	=3.3.0.0
IBM TRIRIGA Application Platform	=3.3.0.1
IBM TRIRIGA Application Platform	=3.3.0.2
IBM TRIRIGA Application Platform	=3.3.1.0
IBM TRIRIGA Application Platform	=3.3.1.1
IBM TRIRIGA Application Platform	=3.3.1.2
IBM TRIRIGA Application Platform	=3.3.1.3
IBM TRIRIGA Application Platform	=3.3.2.0
IBM TRIRIGA Application Platform	=3.3.2.1
IBM TRIRIGA Application Platform	=3.3.2.2
IBM TRIRIGA Application Platform	=3.3.2.3
IBM TRIRIGA Application Platform	=3.3.2.4
IBM TRIRIGA Application Platform	=3.3.2.5
IBM TRIRIGA Application Platform	=3.4.0.0
IBM TRIRIGA Application Platform	=3.4.0.1
IBM TRIRIGA Application Platform	=3.4.1.0
IBM TRIRIGA Application Platform	=3.4.1.1
IBM TRIRIGA Application Platform	=3.4.1.2
IBM TRIRIGA Application Platform	=3.4.1.3
IBM TRIRIGA Application Platform	=3.4.2.0
IBM TRIRIGA Application Platform	=3.4.2.1
IBM TRIRIGA Application Platform	=3.4.2.2
IBM TRIRIGA Application Platform	=3.4.2.3
IBM TRIRIGA Application Platform	=3.4.2.4
IBM TRIRIGA Application Platform	=3.5.0.0
IBM TRIRIGA Application Platform	=3.5.0.1
IBM TRIRIGA Application Platform	=3.5.1.0
IBM TRIRIGA Application Platform	=3.5.1.1

Remedy

http://www.ibm.com/support/docview.wss?uid=swg21991992

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-5980?
CVE-2016-5980 has been assigned a medium severity rating.
How do I fix CVE-2016-5980?
To fix CVE-2016-5980, upgrade to the latest version of IBM TRIRIGA Application Platform that has addressed this vulnerability.
What versions of IBM TRIRIGA Application Platform are affected by CVE-2016-5980?
CVE-2016-5980 affects IBM TRIRIGA Application Platform versions 3.3.0.0 to 3.5.1.1.
Can CVE-2016-5980 lead to credential disclosure?
Yes, CVE-2016-5980 can potentially lead to credential disclosure within a trusted session due to cross-site scripting.
Is CVE-2016-5980 a cross-site scripting vulnerability?
Yes, CVE-2016-5980 is a cross-site scripting (XSS) vulnerability allowing the injection of arbitrary JavaScript code.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/author
agent/severity
agent/remedy
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/ibm
canonical/ibm tririga application platform
version/ibm tririga application platform/3.3.0.0
version/ibm tririga application platform/3.3.0.1
version/ibm tririga application platform/3.3.0.2
version/ibm tririga application platform/3.3.1.0
version/ibm tririga application platform/3.3.1.1
version/ibm tririga application platform/3.3.1.2
version/ibm tririga application platform/3.3.1.3
version/ibm tririga application platform/3.3.2.0
version/ibm tririga application platform/3.3.2.1
version/ibm tririga application platform/3.3.2.2
version/ibm tririga application platform/3.3.2.3
version/ibm tririga application platform/3.3.2.4
version/ibm tririga application platform/3.3.2.5
version/ibm tririga application platform/3.4.0.0
version/ibm tririga application platform/3.4.0.1
version/ibm tririga application platform/3.4.1.0
version/ibm tririga application platform/3.4.1.1
version/ibm tririga application platform/3.4.1.2
version/ibm tririga application platform/3.4.1.3
version/ibm tririga application platform/3.4.2.0
version/ibm tririga application platform/3.4.2.1
version/ibm tririga application platform/3.4.2.2
version/ibm tririga application platform/3.4.2.3
version/ibm tririga application platform/3.4.2.4
version/ibm tririga application platform/3.5.0.0
version/ibm tririga application platform/3.5.0.1
version/ibm tririga application platform/3.5.1.0
version/ibm tririga application platform/3.5.1.1