PatchSiren cyber security CVE debrief
CVE-2016-6123 IBM CVE debrief
CVE-2016-6123 is a cross-site scripting issue in IBM Kenexa LMS on Cloud. According to the CVE description, affected users can embed arbitrary JavaScript in the Web UI, which can alter intended application behavior and may lead to credential disclosure within a trusted session. NVD assigns a medium severity score of 5.4 with a CVSS v3.0 vector of AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N.
- Vendor: IBM
- Product: CVE-2016-6123
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-01
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-01
- Advisory updated: 2026-05-13
Who should care
IBM Kenexa LMS on Cloud administrators, security teams, and any organization running affected versions 13.1 or 13.2 through 13.2.4 should care, especially where the platform handles authenticated user sessions or sensitive data.
Technical summary
NVD classifies this issue as CWE-79 (cross-site scripting). The vulnerability affects IBM Kenexa LMS on Cloud versions identified in the record as 13.1, 13.2, 13.2.2, 13.2.3, and 13.2.4, while the CVE description summarizes the impacted range as 13.1 and 13.2 through 13.2.4. The security impact is limited but meaningful: network reachability is present, exploitation requires low privileges and user interaction, and the attack can impact confidentiality and integrity in the context of a trusted session.
Defensive priority
Medium. The issue requires user interaction and limited privileges, but it can still enable script execution inside a trusted Web UI session and expose credentials or session-bound data.
Recommended defensive actions
- Review the IBM PSIRT advisory for the vendor's remediation guidance and any fixed release information.
- Inventory IBM Kenexa LMS on Cloud deployments and confirm whether any affected versions are in use.
- Reduce exposure to untrusted content in the Web UI by enforcing strict input validation and output encoding wherever user-controlled data is rendered.
- If the platform supports it, apply additional browser-side hardening such as a restrictive Content Security Policy.
- Audit for signs of injected script content or unusual session activity, especially where users can submit content into the Web UI.
- If suspicious activity is found, investigate potentially exposed credentials and rotate affected secrets as appropriate.
Evidence notes
The debrief is based on the supplied NVD CVE record, which states the issue is a cross-site scripting vulnerability in IBM Kenexa LMS on Cloud and provides the CVSS v3.0 vector AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. The record also lists CWE-79 and references IBM PSIRT and SecurityFocus entries. No fixed version or patch outcome was provided in the supplied corpus, so remediation guidance is limited to the cited vendor reference and general defensive controls.
Official resources
- CVE-2016-6123 CVE record (CVE.org)
- CVE-2016-6123 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Vendor Advisory
- Mitigation or vendor reference: [email protected] - Third Party Advisory, VDB Entry
Publicly disclosed in the CVE/NVD record on 2017-02-01; the source record was last modified on 2026-05-13.