IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM Corporation. A cross-site scripting vulnerability exists in IBM Maximo Asset Management, which stems from the lack of effective filtering and escaping of user-supplied data, and could be exploited by an attacker to embed arbitrary JavaScript in the Web UI code in the Web UI to change the intended functionality, resulting in the disclosure of credentials in a trusted session.
CPE | Name | Operator | Version |
---|---|---|---|
IBM Maximo Asset Management 7. | eq | 6.1.1 | |
IBM Maximo Asset Management 7. | eq | 6.1.2 |