IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site. IBM X-Force ID: 255072.
CPE | Name | Operator | Version |
---|---|---|---|
maximo_application_suite | eq | 8.9 | |
maximo_application_suite | eq | 8.10 | |
maximo_asset_management | eq | 7.6.1.2 | |
maximo_asset_management | eq | 7.6.1.3 |