CVE-2018-1554
IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting in the Web UI. The issue allows injection of arbitrary JavaScript code, potentially leading to credentials disclosure within a trusted session. Root cause is a client-side XSS in the Maximo Web UI. Affected products include the...