Cross-site Scripting Vulnerability in IBM Tivoli Storage Manager Client
CVE-2007-4348

Currently unrated

Key Information:

Vendor

IBM
Status
Tivoli Storage Manager Client
Vendor
CVE Published:
30 October 2007

What is CVE-2007-4348?

The Tivoli Storage Manager (TSM) Client for Windows is vulnerable to a Cross-site Scripting (XSS) issue in its CAD service. Attackers can exploit this vulnerability by crafting HTTP requests to port 1581, enabling them to inject arbitrary web scripts or HTML code. This malicious payload can generate entries in the dsmerror.log, which is exposed through the web interface, potentially compromising system integrity and user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2007/3635
vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/38125
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/26221
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.