Cross-Site Scripting Vulnerability in IBM Tivoli Application Dependency Discovery Manager
CVE-2012-5939

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Application Dependency Discovery Manager
Vendor: CVE Published:; 6 March 2013

Summary

A cross-site scripting (XSS) vulnerability exists in the Welcome.do interface of IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x prior to version 7.2.1.4. This flaw allows authenticated users to craft malicious URLs, injecting arbitrary web scripts or HTML into the application. If exploited, it can compromise user data, escalate privileges, or facilitate further attacks within the application environment.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80494

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21625935

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IV32391

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Mar 6, 2013
Vulnerability Reserved
Nov 21, 2012