CVE-2014-6137

Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:tivoli_endpoint_manager:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:13

Type Values Removed Values Added
References () http://www-01.ibm.com/support/docview.wss?uid=swg21692516 - Patch, Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21692516 - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/72559 - () http://www.securityfocus.com/bid/72559 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/96817 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/96817 -

Information

Published : 2015-02-16 00:59

Updated : 2024-11-21 02:13


NVD link : CVE-2014-6137

Mitre link : CVE-2014-6137

CVE.ORG link : CVE-2014-6137


JSON object : View

Products Affected

ibm

  • tivoli_endpoint_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')