Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the web-based interface in IBM Metrica Service Assurance Framework allow remote authenticated users to inject arbitrary web script or HTML via (1) the elementid parameter in a generatedreportresults action to the ReportTree program, (2) the jnlpname parameter to the Launch program, or (3) the :tasklabel parameter to the ReportRequest program, related to the name of a report.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tivoli Netcool Service Quality Manager Web接口多个跨站脚本漏洞
Vulnerability Description
IBM Tivoli Netcool Service Quality Manager是美国IBM公司的一套将服务质量管理和服务水平协议组合用来管理电信服务质量的解决方案。该方案提供监控和改进客户体验的质量、综合的数据收集和丰富的构建服务模型等功能。 Tivoli Netcool Service Quality Manager的Web接口中存在多个跨站脚本漏洞,已认证的用户可以使用报表生成功能创建名称中嵌入了恶意代码的报表,当在主面板中打开报表历史时就会在用户浏览器会话中执行注入的代码。 至少有以下三个页面
CVSS Information
N/A
Vulnerability Type
N/A