Cross-Site Scripting Vulnerability in IBM Maximo Asset Management
CVE-2015-0108

Currently unrated

Key Information:

Vendor

IBM
Status
Maximo Asset Management
Maximo For Utilities
Maximo For Nuclear Power
Tivoli Service Request Manager
Vendor
CVE Published:
18 February 2015

What is CVE-2015-0108?

A cross-site scripting vulnerability exists in specific versions of IBM Maximo Asset Management, allowing remote authenticated users to inject arbitrary web scripts or HTML through undefined vectors. This may lead to malicious actions affecting the integrity and confidentiality of user data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/99605
vdb-entryx_refsource_XF
http://www-01.ibm.com/support/docview.wss?uid=swg21694974
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.