Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.9 IF2 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 IF2, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21972423 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2016-01-02T02:00:00
Updated: 2024-08-06T07:51:27.617Z
Reserved: 2015-09-29T00:00:00
Link: CVE-2015-7451
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2016-01-02T05:59:08.797
Modified: 2016-01-06T19:48:25.127
Link: CVE-2015-7451
Redhat
No data.