Vulnerabilities > CVE-2016-0369 - XXE vulnerability in IBM Forms Experience Builder 8.5/8.5.1/8.6.0

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ibm
CWE-611
NVD
Published: 2018-02-21
Updated: 2018-03-17

Summary

XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.

Vulnerable Configurations

Part Description Count
Application
Ibm
3

Common Weakness Enumeration (CWE)

References