CVE-2010-4120

IBM Tivoli Access Manager for e-business 6.1.0 - Cross-Site Scripting via TAM Console Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 11 public exploits for CVE-2010-4120. PoCs published by IBM.

AI-analyzed exploit summary The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business by injecting a script tag via the 'parm1' parameter. The payload triggers an alert box, confirming the vulnerability.

Description

Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.

Exploits (11)

exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34907

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business by injecting a script tag via the 'parm1' parameter. The payload triggers an alert box, confirming the vulnerability.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable web application
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34917

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager by injecting a malicious script via the 'method' parameter in the URL. The payload triggers an alert box, confirming the vulnerability.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the target URL
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34916

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager by injecting a script tag into the 'method' parameter of the user endpoint. The payload executes arbitrary JavaScript in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34915

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager by injecting a malicious script via the 'method' parameter in the URL. The PoC triggers an alert box, proving arbitrary JavaScript execution in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Victim must visit the crafted URL
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34914

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business 6.1.0 by injecting a malicious script via the 'method' parameter in the URL. The PoC shows how arbitrary JavaScript can be executed in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable URL endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34913

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager by injecting a script tag into the 'method' parameter of the '/ibm/wpm/os' endpoint. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34912

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business 6.1.0 by injecting a script tag into the 'method' parameter of the 'gsogroup' endpoint. The payload executes arbitrary JavaScript in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34911

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business 6.1.0 by injecting a malicious script into the 'method' parameter of the '/ibm/wpm/gso' endpoint. The PoC URL triggers an alert box, confirming the vulnerability.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable endpoint · User interaction to trigger the malicious URL
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34910

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business 6.1.0 by injecting a script tag into the 'method' parameter of the '/ibm/wpm/group' endpoint. The payload executes arbitrary JavaScript in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable endpoint · User interaction to trigger the payload
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34909

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business 6.1.0 by injecting a malicious script via the 'method' parameter in the URL. The PoC uses a simple JavaScript alert to confirm the vulnerability.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable web application
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by IBM · textwebappsmultiple
https://www.exploit-db.com/exploits/34908

The exploit demonstrates a reflected XSS vulnerability in IBM Tivoli Access Manager for e-business 6.1.0 by injecting a script tag into the 'method' parameter of the '/ibm/wpm/acl' endpoint. The lack of input sanitization allows arbitrary JavaScript execution in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: IBM Tivoli Access Manager for e-business 6.1.0
No auth needed
Prerequisites: Access to the vulnerable endpoint · Victim interaction (e.g., clicking a crafted link)
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (17)

Core 17
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68884
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68892
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68891
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68885
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2774
Exploit, Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68890
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68893
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/62750
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/44382
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68886
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1024633
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68889
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68888
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68894
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68887
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41974

Scores

EPSS 0.0294
EPSS Percentile 85.3%

Details

CWE
CWE-79
Status published
Products (2)
ibm/tivoli_access_manager_for_e-business 6.1.0
ibm/tivoli_access_manager_for_e-business 6.1.1
Published Oct 28, 2010
Tracked Since Feb 18, 2026