CVE-2010-4120 | THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

Assigner	mitre
Reserved	2010-10-28
Published	2010-10-28
Updated	2024-08-07

Description

Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.

References

http://osvdb.org/68892 (68892) vdb-entry

http://osvdb.org/68891 (68891) vdb-entry

http://osvdb.org/68885 (68885) vdb-entry

http://www.vupen.com/english/advisories/2010/2774 (ADV-2010-2774) vdb-entry

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918 (IZ84918) vendor-advisory

http://osvdb.org/68890 (68890) vdb-entry

http://osvdb.org/68884 (68884) vdb-entry

http://osvdb.org/68893 (68893) vdb-entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/62750 (tivoli-ebusiness-parm1-xss(62750)) vdb-entry

http://www.securityfocus.com/bid/44382 (44382) vdb-entry

http://osvdb.org/68886 (68886) vdb-entry

http://securitytracker.com/id?1024633 (1024633) vdb-entry

http://osvdb.org/68889 (68889) vdb-entry

http://osvdb.org/68888 (68888) vdb-entry

http://osvdb.org/68894 (68894) vdb-entry

http://osvdb.org/68887 (68887) vdb-entry

http://secunia.com/advisories/41974 (41974) third-party-advisory

cve.org CVE-2010-4120

nvd.nist.gov CVE-2010-4120

Download JSON

https://cve.threatint.com/CVE/CVE-2010-4120

Support options

Helpdesk Telegram

Subscribe to our newsletter to learn more about our work.