CVE-2007-4348 Information
Share on:
Feb 14, 2021
cve
Description
Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581 which generate log entries in a dsmerror.log file that is accessible through a certain web interface.
Reference
http://secunia.com/advisories/27013 http://secunia.com/secunia_research/2007-75/advisory http://www.securityfocus.com/bid/26221 http://www.securitytracker.com/id?1018868 http://www.vupen.com/english/advisories/2007/3635 https://exchange.xforce.ibmcloud.com/vulnerabilities/38125