Podatność CVE-2014-0915

Podatność CVE-2014-0915

Publikacja: 2014-07-30

Opis:

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
3.5/10	2.9/10	6.8/10

Affected software
IBM -> Maximo asset management
IBM -> Maximo asset management essentials
IBM -> Maximo for government
IBM -> Maximo for life sciences
IBM -> Maximo for nuclear power
IBM -> Maximo for oil and gas
IBM -> Maximo for transportation
IBM -> Maximo for utilities
IBM -> Maximo service desk
IBM -> Smartcloud control desk
IBM -> Tivoli it asset management for it

http://secunia.com/advisories/59570

http://secunia.com/advisories/59640

http://www-01.ibm.com/support/docview.wss?uid=swg1IV56680

http://www-01.ibm.com/support/docview.wss?uid=swg21678894

http://www.securityfocus.com/archive/1/533110/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/91884