Lucene search
China National Vulnerability DatabaseCNVD-2021-94312HistorySep 24, 2021 - 12:00 a.m.
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI Cross-Site Scripting Vulnerability (CNVD-2021-94312)
2021-09-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
19.6%
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI are both products of IBM Corporation, U.S.A. IBM Jazz for Service Management is an integrated service management product that provides visibility into the service management environment. IBM Tivoli Netcool/OMNIbus_GUI is a graphical user interface for the IBM Tivoli Netcool/OMNIbus service level management system. IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI contain a cross-site scripting vulnerability that vulnerability stems from the lack of effective filtering and escaping of parameters in the Web UI of the software. An attacker could exploit this vulnerability to embed arbitrary JavaScript code in the Web UI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| IBM Jazz for Service Management 1. | eq | 1.3.10 |
Related
cve
cve
CVE-2021-29832
2021-09-23 18:15:11
ibm
ibm
prion
prion
Cross site scripting
2021-09-23 18:15:00
cvelist
cvelist
CVE-2021-29832
2021-09-22 00:00:00
nvd
nvd
CVE-2021-29832
2021-09-23 18:15:11