CVE-2014-0914

by Fred · 30/07/2014

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 6.x and 7.x through 7.5.0.6, Maximo Asset Management 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 6.2 through 6.2.8 for Tivoli IT Asset Management for IT and Maximo Service Desk allows remote authenticated users to inject arbitrary web script or HTML via the Query Description Field.

Date published : 2014-07-30

http://www-01.ibm.com/support/docview.wss?uid=swg1IV56679

http://www.securityfocus.com/bid/68839

CVE-2014-0914

Related

Recent Posts

Categories

Latest CWE

CVE-2014-0914

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE