CVE-2013-0457

Currently unrated

Key Information:

Vendor: IBM
Status: Maximo Asset Management Essentials; Smartcloud Control Desk; Maximo Asset Management
Vendor: CVE Published:; 20 February 2013

Summary

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to a uisessionid.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV20590

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21625624

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/81011

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 20, 2013
Vulnerability Reserved
Dec 16, 2012