CVE-2007-5949
IBM Tivoli Service Desk 6.2 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated users to inject arbitrary web script or HTML via the Description parameter in a Maximo change action.
References (6)
Scores
EPSS
0.0032
EPSS Percentile
54.8%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
ibm/tivoli_service_desk
Timeline
Published
Nov 14, 2007
Tracked Since
Feb 18, 2026