CVE-2015-1966

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to the (1) ERROR_DESCRIPTION and (2) TOKEN:RelayState macros.

🔗 References (12)

psirt@ushttp://www-01.ibm.com/support/docview.wss?uid=swg1IV74198
psirt@ushttp://www-01.ibm.com/support/docview.wss?uid=swg1IV74199
psirt@ushttp://www-01.ibm.com/support/docview.wss?uid=swg1IV74200
psirt@ushttp://www-01.ibm.com/support/docview.wss?uid=swg21959071
psirt@ushttp://www.securityfocus.com/bid/75537
psirt@ushttp://www.securitytracker.com/id/1032767
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg1IV74198
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg1IV74199
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg1IV74200
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21959071
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75537
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032767

Is Your Infrastructure Affected by CVE-2015-1966?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-1966

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-1966?