CVE-2011-1396

2012-03-1301:00:00

mitre

www.cve.org

5.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.1%

JSON

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote attackers to inject arbitrary web script or HTML via the reportType parameter to an unspecified component.

References

secunia.com/advisories/48299

www-01.ibm.com/support/docview.wss?uid=swg1IV09190

www.ibm.com/support/docview.wss?uid=swg21584666

www.securityfocus.com/bid/52333

exchange.xforce.ibmcloud.com/vulnerabilities/71999