CVE-2016-8911

IBM Kenexa LMS on Cloud 13.1 and 13.2 – 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim.

Source: CVE-2016-8911