Medium severity6.1NVD Advisory· Published Mar 19, 2017· Updated Jun 17, 2026
CVE-2016-8855
CVE-2016-8855
Description
Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=8.1 rev. 160519 (8.1 Update-3)+ 2 more
- (no CPE)range: <=8.1 rev. 160519 (8.1 Update-3)
- cpe:2.3:a:sitecore:experience_platform:8.1:rev._160519:*:*:*:*:*:*
- (no CPE)range: <8.2 Update-2
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/141655/Sitecore-Experience-Platform-8.1-Update-3-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/41618/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.