CVE-2007-6407

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Provisioning Manager Express
Vendor: CVE Published:; 17 December 2007

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Provisioning Manager Express allow remote attackers to inject arbitrary web script or HTML via the (1) "assess modification," (2) user-id, and other unspecified fields to the /tpmx URI; or (3) involving unspecified vectors related to "error processing."

References

http://www.securityfocus.com/archive/1/484607/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securitytracker.com/id?1019045

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/38864

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 17, 2007
Vulnerability Reserved
Dec 17, 2007