Cross-Site Scripting Vulnerability in IBM Maximo Asset Management
CVE-2014-0914

Currently unrated

Key Information:

Vendor
IBM
Status
Maximo For Nuclear Power
Maximo Asset Management Essentials
Maximo Service Desk
Maximo Asset Management
Vendor
CVE Published:
30 July 2014

Summary

A cross-site scripting vulnerability exists in IBM Maximo Asset Management that allows remote authenticated users to inject malicious web scripts or HTML into the application via the Query Description Field. This flaw potentially exposes sensitive information and could compromise the integrity of web interactions, making it crucial for users to update their systems promptly and implement necessary security measures.

References

http://www.securityfocus.com/bid/68839
vdb-entryx_refsource_BID
http://secunia.com/advisories/59640
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/533110/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.