CVE-2009-3262 Information

Description

Cross-site scripting (XSS) vulnerability in the Self Service UI (SSUI) in IBM Tivoli Identity Manager (ITIM) 5.0.0.5 allows remote authenticated users to inject arbitrary web script or HTML via the last name field in a profile.

Reference

http://secunia.com/advisories/36511 http://securitytracker.com/id?1022837 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ54747