Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management Essentials 7.1, Tivoli Asset Management for IT 7.1 and 7.2, Tivoli Service Request Manager 7.1 and 7.2, and Change and Configuration Management Database (CCMDB) 7.1 and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden frame footer.
References
Advertisement
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-02-20 04:09
Updated : 2017-08-28 18:31
NVD link : CVE-2012-3328
Mitre link : CVE-2012-3328
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Advertisement
Products Affected
ibm
- change_and_configuration_management_database
- tivoli_asset_management_for_it
- maximo_asset_management_essentials
- maximo_asset_management
- tivoli_service_request_manager