CVE-2014-6100 Information

Description

Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064 6.2 before 6.2.0.39-ISS-ITDS-FP0039 and 6.3 before 6.3.0.33-ISS-ITDS-IF0033 and IBM Security Directory Server 6.3.1 before 6.3.1.7-ISS-ISDS-IF0007 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Reference

http://secunia.com/advisories/61061 http://www-01.ibm.com/support/docview.wss?uid=swg21686581 https://exchange.xforce.ibmcloud.com/vulnerabilities/96005