Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allow remote malicious users to inject arbitrary web script or HTML via the uisesionid parameter to (1) maximo.jsp or (2) the default URI under ui/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm maximo asset management essentials 7.5 |
||
ibm maximo asset management 7.5 |
||
ibm maximo asset management essentials 6.2 |
||
ibm maximo asset management essentials 7.1 |
||
ibm maximo asset management 7.1 |
||
ibm maximo asset management 6.2 |