CVE-2012-0715: XSS
First published: Fri Mar 02 2012(Updated: )
Cross-site scripting (XSS) vulnerability in the Gantt applet viewer in IBM Tivoli Change and Configuration Management Database (CCMDB) 7.2.1 and IBM ILOG JViews Gantt allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM ILOG JViews Gantt | ||
| IBM Tivoli Change and Configuration Management Database | =7.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-0715?
The severity of CVE-2012-0715 is considered high due to the potential for remote attackers to execute arbitrary scripts.
How do I fix CVE-2012-0715?
To fix CVE-2012-0715, apply the latest patches and updates provided by IBM for IBM Tivoli CCMDB 7.2.1 and IBM ILOG JViews Gantt.
What systems are affected by CVE-2012-0715?
CVE-2012-0715 affects IBM Tivoli Change and Configuration Management Database version 7.2.1 and IBM ILOG JViews Gantt.
What type of vulnerability is CVE-2012-0715?
CVE-2012-0715 is a cross-site scripting (XSS) vulnerability that allows for the injection of arbitrary web scripts or HTML.
Can CVE-2012-0715 be exploited remotely?
Yes, CVE-2012-0715 can be exploited remotely, which poses risks to users accessing the affected applications through a web interface.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm ilog jviews gantt
- canonical/ibm tivoli change and configuration management database
- version/ibm tivoli change and configuration management database/7.2.1