VYPR
Medium severity6.1NVD Advisory· Published Jan 18, 2016· Updated Jun 17, 2026

CVE-2015-5008

CVE-2015-5008

Description

Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through FP11, 6.0 Feature Pack 4, 7.0 through FP9, 7.0 Feature Pack 5 through 8, and 8.0 before 8.0.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected products

27
  • cpe:2.3:a:ibm:websphere_commerce:6.0.0.0:*:*:*:*:*:*:*+ 26 more
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:6.0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_5:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_6:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_7:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:7.0:feature_pack_8:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_commerce:8.0.0.0:*:*:*:*:*:*:*
    • (no CPE)range: >=6.0, <=6.0 FP11; 6.0 Feature Pack 4; >=7.0, <=7.0 FP9; 7.0 Feature Pack 5 through 8; <8.0.0.1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.