Cross site scripting

2016-09-2604:59:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.2%

JSON

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string.

CPENameOperatorVersion
spectrum_controleq5.2.9
spectrum_controleq5.2.8
spectrum_controleq5.2.10.1
spectrum_controleq5.2.10
tivoli_storage_productivity_centereq5.2.4.1
tivoli_storage_productivity_centereq5.2.7.1
tivoli_storage_productivity_centereq5.2.0
tivoli_storage_productivity_centereq5.2.4
tivoli_storage_productivity_centereq5.2.7
tivoli_storage_productivity_centereq5.2.2

Name	Operator	Version
spectrum_control	eq	5.2.9
spectrum_control	eq	5.2.8
spectrum_control	eq	5.2.10.1
spectrum_control	eq	5.2.10
tivoli_storage_productivity_center	eq	5.2.4.1
tivoli_storage_productivity_center	eq	5.2.7.1
tivoli_storage_productivity_center	eq	5.2.0
tivoli_storage_productivity_center	eq	5.2.4
tivoli_storage_productivity_center	eq	5.2.7
tivoli_storage_productivity_center	eq	5.2.2