Cross-Site Scripting Vulnerability in IBM Tivoli Endpoint Manager
CVE-2014-6113

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Endpoint Manager
Vendor: CVE Published:; 16 February 2015

Summary

The vulnerability allows remote attackers to inject arbitrary web scripts or HTML into the Web Reports component of IBM Tivoli Endpoint Manager prior to version 9.1.1229. This can lead to unauthorized actions and exposure of sensitive information when users interact with compromised reports, highlighting the need for immediate updates to mitigate potential exploitation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21692516

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96210

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 16, 2015
Vulnerability Reserved
Sep 2, 2014