exploitDog

GHSA-53r5-8crq-7gxf

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/.

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/.

Ссылки

EPSS

Процентиль: 52%

0.00295

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2011-4819

nvd

почти 14 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote attackers to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/.

EPSS

Процентиль: 52%

0.00295

Низкий

CVE ID

Дефекты

CWE-79