Cross site scripting

2012-09-1017:55:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.7%

JSON

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
change_and_configuration_management_databaseeq7.0
change_and_configuration_management_databaseeq6.0
maximo_asset_managementeq6.2.0.0
maximo_asset_managementeq7.5.0.0
maximo_asset_managementeq7.1.0.0
maximo_service_deskeq6.2
smartcloud_control_deskeq7.0
tivoli_asset_management_for_iteq7.0
tivoli_asset_management_for_iteq7.2
tivoli_asset_management_for_iteq7.1

Name	Operator	Version
change_and_configuration_management_database	eq	7.0
change_and_configuration_management_database	eq	6.0
maximo_asset_management	eq	6.2.0.0
maximo_asset_management	eq	7.5.0.0
maximo_asset_management	eq	7.1.0.0
maximo_service_desk	eq	6.2
smartcloud_control_desk	eq	7.0
tivoli_asset_management_for_it	eq	7.0
tivoli_asset_management_for_it	eq	7.2
tivoli_asset_management_for_it	eq	7.1