Back to search
CVE-2009-2316
Published: Jul 5, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0 allow remote attackers to inject arbitrary web script or HTML by entering an unspecified URL in (1) the self-service UI interface or (2) the console interface. NOTE: it was later reported that 4.6.0 is also affected by the first vector.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2009-2106
vdb-entry
x_refsource_VUPEN
IZ54310
vendor-advisory
x_refsource_AIXAPAR
35566
vdb-entry
x_refsource_BID
IZ55518
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg24023640
x_refsource_CONFIRM
35696
third-party-advisory
x_refsource_SECUNIA
IZ54311
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg24023929
x_refsource_CONFIRM
36119
third-party-advisory
x_refsource_SECUNIA
55550
vdb-entry
x_refsource_OSVDB
1022508
vdb-entry
x_refsource_SECTRACK
ADV-2009-1774
vdb-entry
x_refsource_VUPEN
55551
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now