CVE-2009-4999
Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script or HTML via the Name field.
| Software | From | Fixed in |
|---|---|---|
| ibm / filenet_p8_application_engine | 3.5.1-009 | 3.5.1-009.x |
| ibm / filenet_p8_application_engine | 3.5.1-011 | 3.5.1-011.x |
| ibm / filenet_p8_application_engine | 3.5.1-005 | 3.5.1-005.x |
| ibm / filenet_p8_application_engine | 3.5.1-014 | 3.5.1-014.x |
| ibm / filenet_p8_application_engine | 3.5.1-006 | 3.5.1-006.x |
| ibm / filenet_p8_application_engine | 3.5.1-013 | 3.5.1-013.x |
| ibm / filenet_p8_application_engine | 3.5.1-004 | 3.5.1-004.x |
| ibm / filenet_p8_application_engine | 3.5.1 | 3.5.1.x |
| ibm / filenet_p8_application_engine | 3.5.1-007 | 3.5.1-007.x |
| ibm / filenet_p8_application_engine | 3.5.1-001 | 3.5.1-001.x |
| ibm / filenet_p8_application_engine | 3.5.1-012 | 3.5.1-012.x |
| ibm / filenet_p8_application_engine | 3.5.1-015 | 3.5.1-015.x |
| ibm / filenet_p8_application_engine | 3.5.1-010 | 3.5.1-010.x |
| ibm / filenet_p8_application_engine | 3.5.1-002 | 3.5.1-002.x |
| ibm / filenet_p8_application_engine | 3.5.1-008 | 3.5.1-008.x |
| ibm / filenet_p8_application_engine | 3.5.1-003 | 3.5.1-003.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime