CVE-2016-0261

Name of the Vulnerable Software and Affected Versions IBM Curam Social Program Management versions 6.0.0 through 6.0.0 before SP2 EP29 IBM Curam Social Program Management versions 6.0.4 through 6.0.4 before 6.0.4.6 iFix3 IBM Curam Social Program Management versions 6.0.5 through 6.0.5 before 6.0.5.9 iFix2 IBM Curam Social Program Management version 6.1.0 before 6.1.0.1 iFix1 IBM Curam Social Program Management version 6.1.1 before 6.1.1.1 iFix1 IBM Care Management version 6.0

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For IBM Curam Social Program Management versions 6.0.0 through 6.0.0 before SP2 EP29, update to at least SP2 EP29. For IBM Curam Social Program Management versions 6.0.4 through 6.0.4 before 6.0.4.6 iFix3, update to at least 6.0.4.6 iFix3. For IBM Curam Social Program Management versions 6.0.5 through 6.0.5 before 6.0.5.9 iFix2, update to at least 6.0.5.9 iFix2. For IBM Curam Social Program Management version 6.1.0 before 6.1.0.1 iFix1, update to at least 6.1.0.1 iFix1. For IBM Curam Social Program Management version 6.1.1 before 6.1.1.1 iFix1, update to at least 6.1.1.1 iFix1. For IBM Care Management version 6.0, there is no information about a newer version that contains a fix for this issue.