CVE-2016-8855

Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:sitecore:experience_platform:8.1:rev._160519:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-19 18:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-8855

Mitre link : CVE-2016-8855

CVE.ORG link : CVE-2016-8855


JSON object : View

Products Affected

sitecore

  • experience_platform
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')