Ibm · Ibm Maximo Asset Management · CVE-2021-20374
Name of the Vulnerable Software and Affected Versions:
IBM Maximo Asset Management versions 7.6.0 through 7.6.1
Description:
The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session.
Recommendations:
For versions 7.6.0 and 7.6.1, update to a version that includes a fix for this issue to prevent stored cross-site scripting attacks.