PT-2015-4475 · Ibm · Change/Configuration Management Database+10
Jakub Palaczynski
+1
·
Published
2015-02-18
·
Updated
2017-09-08
·
CVE-2015-0109
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0108.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Change/Configuration Management Database
Ibm Maximo Asset Management
Ibm Maximo Asset Management Essentials
Maximo For Government
Maximo For Life Sciences
Maximo For Nuclear Power
Maximo For Oil/Gas
Maximo For Transportation
Maximo For Utilities
Tivoli Asset Management For It
Tivoli Service Request Manager