CVE-2016-5920
MEDIUMIBM FTM <3.0.0.x-3.0.1.0 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Financial Transaction Manager (FTM) for ACH Services 3.0.0.x before fp0015 and 3.0.1.0 before iFix0002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Scores
CVSS v3
5.4
EPSS
0.0020
EPSS Percentile
41.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (48)
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
ibm/financial_transaction_manager
... and 33 more
Timeline
Published
Oct 29, 2016
Tracked Since
Feb 18, 2026