Vulnerabilities > CVE-2006-1384 - Cross-Site Scripting vulnerability in IBM Tivoli Business Systems Manager 3.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Business Systems Manager (TBSM) before 3.1.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | IBM Tivoli Business Systems Manager 3.1 APWC_Win_Main.JSP Cross-Site Scripting Vulnerability. CVE-2006-1384. Webapps exploit for jsp platform |
id | EDB-ID:27463 |
last seen | 2016-02-03 |
modified | 2006-03-23 |
published | 2006-03-23 |
reporter | anonymous |
source | https://www.exploit-db.com/download/27463/ |
title | IBM Tivoli Business Systems Manager 3.1 APWC_Win_Main.JSP Cross-Site Scripting Vulnerability |
References
- http://secunia.com/advisories/19332
- http://securitytracker.com/id?1015822
- http://www.osvdb.org/24069
- http://www.securityfocus.com/bid/17210
- http://www.vupen.com/english/advisories/2006/1073
- http://www-1.ibm.com/support/docview.wss?uid=swg1OA14904
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25412