Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Key Lifecycle Manager 跨站脚本漏洞
Vulnerability Description
IBM Security Key Lifecycle Manager(前称Tivoli Key Lifecycle Manager)是美国IBM公司的一套密钥生命周期管理软件。该软件为存储设备提供密钥存储、密钥维护和密钥生命周期管理等功能。 IBM Security Key Lifecycle Manager中存在跨站脚本漏洞。攻击者可利用该漏洞在Web UI中注入任意的JavaScript代码,造成可信会话中的证书泄露。以下版本受到影响:IBM Tivoli Key Lifecycle Manager
CVSS Information
N/A
Vulnerability Type
N/A