Cross-Site Scripting Vulnerability in IBM Tivoli Endpoint Manager
CVE-2013-0453

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Endpoint Manager
Vendor: CVE Published:; 21 March 2013

Summary

A Cross-site scripting (XSS) vulnerability exists in the Web Reports component of IBM Tivoli Endpoint Manager prior to version 8.2.1372. This flaw allows remote authenticated users to inject arbitrary web scripts or HTML code via specially crafted URLs. Exploiting this issue could lead to unauthorized data exposure or manipulation, making it critical for users to update to the latest version to ensure the security of their systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80969

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1IV37766

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21631351

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 21, 2013
Vulnerability Reserved
Dec 16, 2012