CVE-2015-1978

Cross-site scripting (XSS) vulnerability in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, 6.3 before iFix 37, 6.3.1 before iFix 11, and 6.4 before iFix 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Link Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21960659 Patch Vendor Advisory
http://www.securityfocus.com/bid/75435 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1032734 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.4.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-06-28 15:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-1978

Mitre link : CVE-2015-1978

CVE.ORG link : CVE-2015-1978


JSON object : View

Products Affected

ibm

  • tivoli_directory_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')