Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Maximo Asset Management 7.1 through 7.1.1.8 and 7.2 for Tivoli IT Asset Management for IT and certain other products, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-0104, CVE-2015-0107, and CVE-2015-0108.

"IBM Maximo Asset Management 7.1 through 7.1.1.8 和 Tivoli IT Asset Management for IT 和某些其他产品中的跨站脚本(XSS)漏洞，允许远程授权用户通过未指定的目标来注入任意的 web 脚本或 HTML，与 CVE-2015-0104、CVE-2015-0107 和 CVE-2015-0108 等不同漏洞。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）