CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 5CVE-2009-1334 – IBM Tivoli Continuous Data Protection for Files 3.1.4.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-1334
Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html in IBM Tivoli Continuous Data Protection (CDP) for Files 3.1.4.0 allows remote attackers to inject arbitrary web script or HTML via the reason parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en login/FilepathLogin.html en IBM Tivoli Continuous Data Protection (CDP) para Files v3.1.4.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "reason". • https://www.exploit-db.com/exploits/32908 http://secunia.com/advisories/34646 http://securitytracker.com/id?1022060 http://www.insight-tech.org/index.php?p=IBM-Tivoli-Continuous-Data-Protection-for-Files-version-3-1-4-0---XSS http://www.osvdb.org/53651 http://www.securityfocus.com/bid/34513 http://www.vupen.com/english/advisories/2009/1021 https://exchange.xforce.ibmcloud.com/vulnerabilities/49872 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •