CVE-2020-4223

CVE-2020-4223 affects IBM Maximo Asset Management core product versions 7.6.0.10 and 7.6.1.1. The issue is a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. The prim...

IBM Maximo Asset Management Cross-Site Scripting Vulnerability (CNVD-2020-25565)

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. A cross-site scripting vulnerability exists in IBM Maximo Asset Management versions 7.6.1.0, 7.6.0.10, and 7.6.1.1. A remote attacker can exploit the vulnerability to inject arbitrary...

CVE-2019-4583

IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 167289...

Information disclosure

IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 167289...

Security Bulletin: IBM DataPower Gateway is affected by a script injection vulnerability (CVE-2018-1667)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-1667 Vulnerability Details CVEID: CVE-2018-1667 DESCRIPTION: IBM WebSphere DataPower Appliances is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI...