QwikSec

Security Database

CVE

CWE

Training

CVE-2017-1320

Published: May 22, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125732.

Vendor	Product	Versions
IBM Corporation	Tivoli Federated Identity Manager	affected `6.1, 6.2, 6.2.2`

References

vdb-entry

x_refsource_SECTRACK

http://www.ibm.com/support/docview.wss?uid=swg22002877

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.