IBM Tivoli Netcool/OMNIbus Web GUI Cross-Site Scripting Vulnerability (CNVD-2021-57448)

IBM Tivoli Netcool/OMNIbus is a service level management (SLM) system that provides real-time, centralized monitoring of complex networks and IT domains. web GUI is the web-based application version of the system that displays event data from multiple data sources in a variety of graphical formats in supported web browsers and mobile devices. IBM Tivoli Netcool/OMNIbus Web GUI version 8.1.0 is vulnerable to cross-site scripting. Tivoli Netcool/OMNIbus Web GUI version 8.1.0 is vulnerable to a cross-site scripting vulnerability. An attacker could exploit the vulnerability to embed arbitrary JavaScript code in the Web UI, which could alter the intended functionality, which could lead to credential disclosure in a trusted session.