Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 before iFix 4 and 1.1.0.1 before iFix 3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
IBM
XSS
Quickfile
NVD
VulDB
CVSS 2.0
3.5
EPSS
0.2%