XSS in Ibm Tivoli_application_dependency_discovery_manager

CVE-2012-5939

Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitra…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.002 (40.5th percentile) — read the EPSS interpretation.

Affected products

Ibm Tivoli_application_dependency_discovery_manager — versions 7.2.0.0, 7.2.1, 7.2.1.3
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

taddm-welcome-xss(80494) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
IV32391 (vendor-advisory, x_refsource_AIXAPAR)