Cross site scripting

2017-02-0120:59:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

19.1%

JSON

IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CPENameOperatorVersion
maximo_asset_managementeq7.6.0.0

CPE	Name	Operator	Version
	maximo_asset_management	eq	7.6.0.0

References

www.ibm.com/support/docview.wss?uid=swg21991893

www.securityfocus.com/bid/94355