cvedb.io
CVE-2016-8232
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2017-03-01T21:59:00.243 · Last modified 2026-06-17T00:54:03.377

Summary

Document Object Model-(DOM) based cross-site scripting vulnerability in the Advanced Management Module (AMM) versions earlier than 66Z of Lenovo IBM BladeCenter HS22, HS22V, HS23, HS23E, HX5 allows an unauthenticated attacker with access to the AMM's IP address to send a crafted URL that could inject a malicious script to access a user's AMM data such as cookies or other session information.

Affected products

ibm — advanced_management_module_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when ibm ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.