CVE-2015-1911
Last modified
CVE-2015-1911 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in Sterling Order Management 8.5 before HF113, Sterling Selling and Fulfillment Foundation 9.0.0 before FP92, and Sterling Field Sales (SFS) 9.0 before HF7 in IBM Sterling Selling and Fulfillment Suite allows remote attackers to inject arbitrary web script or HTML via a crafted URL.. EPSS estimates a 0.95% chance of exploitation in the next 30 days.
Description
Cross-site scripting (XSS) vulnerability in Sterling Order Management 8.5 before HF113, Sterling Selling and Fulfillment Foundation 9.0.0 before FP92, and Sterling Field Sales (SFS) 9.0 before HF7 in IBM Sterling Selling and Fulfillment Suite allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling Field Sales | 9.0 |
| Ibm | Sterling Order Management | 8.5 |
| Ibm | Sterling Selling And Fulfillment Foundation | 9.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-1911?
How severe is CVE-2015-1911?
How do I fix CVE-2015-1911?
Are you affected by CVE-2015-1911?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST