CVE-2009-3262: XSS
First published: Fri Sep 18 2009(Updated: )
Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the last name field in a profile.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Tivoli Identity Manager | =5.0.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-3262?
CVE-2009-3262 is rated as moderate severity due to its potential for cross-site scripting attacks.
How do I fix CVE-2009-3262?
To fix CVE-2009-3262, apply any available patches or updates from IBM for Tivoli Identity Manager 5.0.0.5.
Who is affected by CVE-2009-3262?
CVE-2009-3262 affects remote authenticated users of IBM Tivoli Identity Manager version 5.0.0.5.
What type of vulnerability is CVE-2009-3262?
CVE-2009-3262 is a cross-site scripting (XSS) vulnerability.
What impact does CVE-2009-3262 have?
CVE-2009-3262 allows attackers to inject arbitrary web scripts or HTML into a user's profile, potentially compromising user data.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/tags
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/event
- agent/description
- agent/source
- vendor/ibm
- canonical/ibm tivoli identity manager
- version/ibm tivoli identity manager/5.0.0.5