2 matches found
Security Bulletin: A cross-site scripting vulnerability has been identified in IBM Tivoli Federated Identity Manager (CVE-2015-4959)
Summary IBM Tivoli Federated Identity Manager is vulnerable to cross-site scripting attacks that could be used to steal the victim's authentication credentials. Vulnerability Details CVEID: CVE-2015-4959 DESCRIPTION: IBM Tivoli Federated Identity Manager is vulnerable to cross-site scripting,...
CVE-2015-4959
CVE-2015-4959 affects IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 prior to FP16, where improper validation of user-supplied input allows cross-site scripting via a crafted URL. The vulnerability could enable an attacker to execute script in a victim’s browser, potentially stealing credenti...