PatchSiren cyber security CVE debrief

CVE-2016-5942 IBM CVE debrief

CVE-2016-5942 is a cross-site scripting (XSS) issue in IBM Kenexa LMS on Cloud. NVD classifies it as CWE-79 and rates it CVSS 3.0 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). Because the flaw allows arbitrary JavaScript to run in the web UI in the context of an authenticated session, it can alter the behavior of that trusted session and may expose credentials or other sensitive session data.

Vendor: IBM
Product: IBM Kenexa LMS on Cloud
CVSS: MEDIUM 5.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-01
Original CVE updated: 2026-05-13
Advisory published: 2017-02-01
Advisory updated: 2026-05-13

Who should care

Organizations running IBM Kenexa LMS on Cloud, especially administrators, security teams, and help desk or identity teams supporting authenticated users. It matters most where the web UI is exposed to many users or where authenticated sessions can reach sensitive training or account data.

Technical summary

The NVD record lists affected IBM Kenexa LMS versions 4.1, 4.2, 4.2.2, 4.2.3, 4.2.4, 5.0, 5.1, and 5.2. The issue is a web UI XSS weakness (CWE-79): user-controlled input is rendered into the application interface without adequate output encoding, so a user can embed arbitrary JavaScript that executes in other users' browsers. The NVD vector indicates a network attack vector, low attack complexity, low privileges required, and no user interaction required.

Defensive priority

Medium priority for affected IBM Kenexa LMS deployments.

Recommended defensive actions

  • Confirm whether any IBM Kenexa LMS versions 4.1 through 5.2 are in use and scope them for remediation.
  • Review and apply the IBM advisory or patch referenced by NVD (swg21992072) as the primary fix path.
  • Audit application pages that render user-controlled content and ensure context-appropriate output encoding and input handling are in place.
  • Verify session protection controls (for example HttpOnly and Secure cookie flags) and rotate credentials if you suspect script injection exposed active sessions.
  • Use compensating controls such as a Content Security Policy (CSP) and other browser-side hardening where compatible with the application.
  • Monitor logs and security alerts for script-like input in request parameters and for unusual authenticated actions.
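The following is an added example, not code from the PatchSiren page or from IBM, illustrating two of the actions above for a generic web UI: the output-encoding fix for a CWE-79 weakness (the vulnerable rendering pattern beside its hardened form, plus a restrictive CSP value) and a simple log scan that flags script-like request input. All function names, the CSP value and the log lines are constructed for illustration and are not taken from IBM Kenexa LMS.

```javascript
// Added example (not from the PatchSiren page or IBM). Helper names are
// hypothetical; the sample data below is constructed for illustration.

// Minimal HTML entity encoder for untrusted text placed in element content.
// Encoding at output time is the core CWE-79 fix: the browser renders the
// value as literal text, never as markup, regardless of what was stored.
function encodeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#x27;");
}

// VULNERABLE pattern: a user-controlled display name concatenated straight
// into markup. This is what a web UI XSS weakness looks like in code.
function renderGreetingUnsafe(displayName) {
  return "<p>Welcome, " + displayName + "</p>";
}

// HARDENED pattern: identical output shape, but the untrusted value is
// encoded for the HTML element-content context before insertion.
function renderGreetingSafe(displayName) {
  return "<p>Welcome, " + encodeHtml(displayName) + "</p>";
}

// A Content-Security-Policy value that forbids inline and third-party script.
// This is the compensating control: it limits impact if an encoding is missed,
// but it does not replace fixing the rendering code. (Constructed value.)
const CSP_HEADER_VALUE = "default-src 'self'; script-src 'self'; object-src 'none'";

// Monitoring side: flag request log lines whose parameters carry script-like
// input. These patterns are a deliberately simple starting point for alert
// tuning, not a complete XSS classifier.
const SCRIPT_LIKE = [/<script/i, /javascript:/i, /\bon[a-z]+\s*=/i, /<svg/i, /<img/i];

// Returns the indexes of log lines that match any script-like pattern.
function flagSuspiciousRequests(logLines) {
  return logLines
    .map((line, index) => ({ line, index }))
    .filter(({ line }) => {
      // Parameters are usually URL-encoded in access logs; decode before matching.
      let decoded = line;
      try { decoded = decodeURIComponent(line); } catch (e) { /* keep raw line */ }
      return SCRIPT_LIKE.some((re) => re.test(decoded));
    })
    .map(({ index }) => index);
}

// Constructed sample log lines (not real IBM Kenexa LMS logs).
const SAMPLE_LOGS = [
  "2017-02-01T10:00:01Z user=alice POST /profile name=Alice%20Smith",
  "2017-02-01T10:00:07Z user=bob POST /profile name=%3Cscript%3Ealert(1)%3C%2Fscript%3E",
  "2017-02-01T10:00:09Z user=carol POST /profile name=Carol%20%3C3",
  "2017-02-01T10:00:12Z user=dave POST /profile name=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E",
];

// Stand-alone usage: show the two renderings and which lines the scan flags.
console.log(renderGreetingUnsafe("<b>x</b>"));
console.log(renderGreetingSafe("<b>x</b>"));
console.log("flagged log lines:", flagSuspiciousRequests(SAMPLE_LOGS));
```

The encoder above is only correct for the HTML element-content context; values placed into attributes, URLs or inline script need the encoder for that context, which is why a template engine with automatic contextual escaping is the usual choice. The third sample line ("Carol <3") shows the scan tolerating a bare angle bracket in ordinary input while still flagging the two script-like entries.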

Evidence notes

Supplied sources identify the flaw as XSS in IBM Kenexa LMS on Cloud, with CWE-79 and CVSS 3.0 vector AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N. NVD lists affected CPEs for versions 4.1, 4.2, 4.2.2, 4.2.3, 4.2.4, 5.0, 5.1, and 5.2. NVD references IBM advisory swg21992072 and SecurityFocus BID 95440. The CVE was published on 2017-02-01 and the NVD entry was last modified on 2026-05-13; no CISA KEV entry is present in the supplied enrichment.

Official resources

Published 2017-02-01; NVD last modified 2026-05-13. The supplied enrichment shows no KEV listing and no ransomware-campaign association.