Vulnerability Details CVE-2015-4959
Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP16 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV77558
- http://www-01.ibm.com/support/docview.wss?uid=swg21974157
- http://www.securitytracker.com/id/1034697
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV77558
- http://www-01.ibm.com/support/docview.wss?uid=swg21974157
- http://www.securitytracker.com/id/1034697
Products affected by CVE-2015-4959
-
cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.2