Cross-site Scripting Vulnerability in IBM Tivoli Directory Server Web Admin Tool
CVE-2012-0740

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Directory Server
Vendor: CVE Published:; 22 April 2012

Summary

The Web Admin Tool in IBM Tivoli Directory Server contains a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML. This issue can be exploited through unspecified vectors, which can potentially lead to unauthorized actions being performed on behalf of affected users. It is crucial to apply updates to versions 6.2 and 6.3 to mitigate this risk and enhance your system's security posture. Regularly monitoring and applying patches from IBM can help in addressing such vulnerabilities.

References

http://www-01.ibm.com/support/docview.wss?uid=swg24032290

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg1IO16016

vendor-advisoryx_refsource_AIXAPAR

http://www.securitytracker.com/id?1026880

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 22, 2012
Vulnerability Reserved
Jan 17, 2012