CVE-2015-5002

Name of the Vulnerable Software and Affected Versions IBM Host On-Demand versions 11.0 through 11.0.14

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL. This enables attackers to execute malicious scripts on the victim's browser, potentially leading to unauthorized actions or data theft.

Recommendations For versions 11.0 through 11.0.14, update to a version outside of this range to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.