{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T04:50:01.983","vulnerabilities":[{"cve":{"id":"CVE-2016-2967","sourceIdentifier":"psirt@us.ibm.com","published":"2017-08-29T21:29:00.307","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Sametime away message altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 113848."},{"lang":"es","value":"IBM Sametime 8.5.2 y 9.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en el mensaje de ausente de Sametime, alterando las funcionalidades planeadas. Esto podría desembocar en una revelación de credenciales en una sesión de confianza. IBM X-Force ID: 113848."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sametime:8.5.2.0:*:*:*:*:*:*:*","matchCriteriaId":"4D106630-D04F-406F-A3BD-029777B8E8F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sametime:8.5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"A84C4658-AEE7-4C63-A188-795B8FEB3A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sametime:9.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"624F11B5-9305-49E9-A7F1-45845234BFD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sametime:9.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"1E5B5DF0-0678-4E47-AC68-E24B5A93597D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sametime:9.0.1:*:*:*:*:*:*:*","matchCriteriaId":"F6F45A7B-1865-400A-A2E0-6E7BE46F6C8C"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=swg22006441","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/100572","source":"psirt@us.ibm.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/113848","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"http://www.ibm.com/support/docview.wss?uid=swg22006441","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/100572","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/113848","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]}]}}]}