CVE-2015-4959

Name of the Vulnerable Software and Affected Versions IBM Tivoli Federated Identity Manager versions 6.2.2 before FP16

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL. This enables attackers to potentially steal user data or take control of user sessions.

Recommendations For IBM Tivoli Federated Identity Manager version 6.2.2, apply Fix Pack 16 or later to resolve the issue.