We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2010-4120



Description

Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.

Reserved 2010-10-28 | Published 2010-10-28 | Updated 2024-08-07 | Assigner mitre

References

osvdb.org/68892 (68892) vdb-entry

osvdb.org/68891 (68891) vdb-entry

osvdb.org/68885 (68885) vdb-entry

www.vupen.com/english/advisories/2010/2774 (ADV-2010-2774) vdb-entry

www-01.ibm.com/support/docview.wss?uid=swg1IZ84918 (IZ84918) vendor-advisory

osvdb.org/68890 (68890) vdb-entry

osvdb.org/68884 (68884) vdb-entry

osvdb.org/68893 (68893) vdb-entry

exchange.xforce.ibmcloud.com/vulnerabilities/62750 (tivoli-ebusiness-parm1-xss(62750)) vdb-entry

www.securityfocus.com/bid/44382 (44382) vdb-entry

osvdb.org/68886 (68886) vdb-entry

securitytracker.com/id?1024633 (1024633) vdb-entry

osvdb.org/68889 (68889) vdb-entry

osvdb.org/68888 (68888) vdb-entry

osvdb.org/68894 (68894) vdb-entry

osvdb.org/68887 (68887) vdb-entry

secunia.com/advisories/41974 (41974) third-party-advisory

cve.org (CVE-2010-4120)

nvd.nist.gov (CVE-2010-4120)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2010-4120

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.