VYPR
Medium severity6.1NVD Advisory· Published Mar 19, 2017· Updated Jun 17, 2026

CVE-2016-8855

CVE-2016-8855

Description

Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • <=8.1 rev. 160519 (8.1 Update-3)+ 2 more
    • (no CPE)range: <=8.1 rev. 160519 (8.1 Update-3)
    • cpe:2.3:a:sitecore:experience_platform:8.1:rev._160519:*:*:*:*:*:*
    • (no CPE)range: <8.2 Update-2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.