CVE-2015-1911

Name of the Vulnerable Software and Affected Versions IBM Sterling Selling and Fulfillment Suite versions 8.5 through 8.5 before HF113 IBM Sterling Selling and Fulfillment Suite versions 9.0.0 through 9.0.0 before FP92 IBM Sterling Field Sales (SFS) versions 9.0 through 9.0 before HF7

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL. This can be exploited by injecting malicious code into a website, potentially leading to unauthorized access or control.

Recommendations For versions 8.5 through 8.5 before HF113, apply Hotfix 113 to resolve the issue. For versions 9.0.0 through 9.0.0 before FP92, apply Fix Pack 92 to resolve the issue. For versions 9.0 through 9.0 before HF7, apply Hotfix 7 to resolve the issue.