VYPR
Get started
← All advisories
Medium severity5.4NVD Advisory· Published Apr 20, 2017· Updated May 13, 2026

CVE-2016-9980

CVE-2016-9980

Description

IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120256.

Affected products

40
  • IBM/Curam Social Program Managementv5
    Range: 6.0.4, 6.0.5, 6.0, 5.2, 4.5, 6.0.3, 6.1, 5.2.6, 6.0.1, 6.1.0, 6.1.1, 6.2.0, 7.0.0
  • IBM/Curam Social Program Management39 versions
    cpe:2.3:a:ibm:curam_social_program_management:5.2:sp4:*:*:*:*:*:*+ 38 more
    • cpe:2.3:a:ibm:curam_social_program_management:5.2:sp4:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:5.2:sp1:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:5.2:sp6:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:7.0.0.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.