CVE-2007-5949

IBM Tivoli Service Desk 6.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated users to inject arbitrary web script or HTML via the Description parameter in a Maximo change action.

Scores

EPSS 0.0032
EPSS Percentile 54.8%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

ibm/tivoli_service_desk

Timeline

Published Nov 14, 2007
Tracked Since Feb 18, 2026