CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2016-6045
https://notcve.org/view.php?id=CVE-2016-6045
01 Feb 2017 — IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Tivoli Storage Manager Operations Center es vulnerable a la falsificación de solicitudes de sitios cruzados que podrían permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario que confía en el sitio web. • http://www.ibm.com/support/docview.wss?uid=swg21995754 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 19EXPL: 0CVE-2016-6046
https://notcve.org/view.php?id=CVE-2016-6046
01 Feb 2017 — IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Tivoli Storage Manager Operations Center es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prev... • http://www.ibm.com/support/docview.wss?uid=swg21995754 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •