First published: Fri Feb 02 2018(Updated: )
Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111480.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Tivoli Business Service Manager | =6.1.0 | |
IBM Tivoli Business Service Manager | =6.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2016-0311 is medium with a CVSS score of 5.4.
CVE-2016-0311 affects IBM Tivoli Business Service Manager versions 6.1.0 and 6.1.1.
The CWE ID associated with CVE-2016-0311 is CWE-79.
An attacker can exploit CVE-2016-0311 by injecting arbitrary web script or HTML via unspecified vectors.
You can find more information about CVE-2016-0311 at the following references: [Reference 1](http://www-01.ibm.com/support/docview.wss?uid=swg21986853), [Reference 2](https://exchange.xforce.ibmcloud.com/vulnerabilities/111480), [Reference 3](https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-tivoli-business-service-manager-cve-2016-0311/).