Cross-Site Scripting Vulnerabilities in IBM Tivoli Federated Identity Manager
CVE-2015-1966

Currently unrated

Key Information:

Vendor

IBM
Status
Tivoli Federated Identity Manager
Vendor
CVE Published:
4 July 2015

What is CVE-2015-1966?

IBM Tivoli Federated Identity Manager has multiple cross-site scripting vulnerabilities that could be exploited by remote attackers. By crafting a specially designed URL, attackers can inject arbitrary web scripts or HTML through specific macros (ERROR_DESCRIPTION and TOKEN:RelayState) in affected versions of the product. This flaw allows attackers to potentially manipulate user interactions and access sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg21959071
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IV74198
vendor-advisoryx_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg1IV74199
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.