IBM.Tivoli.Endpoint.Manager.Web.Reports.ScheduleParam.XSS

description-logoDescription

This indicates an attack attempt to exploit a Cross Site Scripting vulnerability in IBM Tivoli Endpoint Manager.
The vulnerability is due to insufficient sanitizing of certain HTTP parameters. A remote attacker can exploit this to execute arbitrary script code within the context of the application.

affected-products-logoAffected Products

IBM Tivoli Endpoint Manager prior to 8.2 patch 3

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the targeted user.

recomended-action-logoRecommended Actions

Refer to the vendor's website for suggested workaround.
http://www-01.ibm.com/support/docview.wss?uid=swg21587743

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-10-16 13.473 Sig Added