Lucene search

MitreCVELIST:CVE-2009-3262

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2009-3262

2022-10-0316:23:53

mitre

www.cve.org

cve-2009-3262

cross-site scripting

ibm tivoli identity manager

self service ui

remote authenticated users

web script injection

html injection

profile

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.3%

JSON

Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the last name field in a profile.

References

secunia.com/advisories/36511

securitytracker.com/id?1022837

www-01.ibm.com/support/docview.wss?uid=swg1IZ54747