Cross-Site Scripting Vulnerability in IBM Maximo Asset Management
CVE-2022-35714
5.4MEDIUM
What is CVE-2022-35714?
IBM Maximo Asset Management 7.6.1 contains a vulnerability that enables cross-site scripting, permitting attackers to inject arbitrary JavaScript code into the web user interface. By exploiting this flaw, a malicious actor could manipulate the application’s functionality, potentially leading to the unintended disclosure of user credentials during a trusted session. This poses significant risks to users interacting with the application.
Affected Version(s)
Maximo Asset Management 7.6.1.1
Maximo Asset Management 7.6.1.2