CVE-2009-5000

N/A Unknown

Published: September 20, 2010 Modified: April 29, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm

Source: cve@mitre.org

http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35679

Source: cve@mitre.org

http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg1PJ35679

Source: af854a3a-2127-422b-91ae-364da2661108

4 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

0.8%

53th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

ibm

Related CVEs

CVE-2026-8662 3.3

CVE-2026-8658 6.0

CVE-2026-8666 7.7

CVE-2026-8665 7.7

CVE-2026-8664 6.0