CVE-2014-6137
IBM Tivoli Endpoint Manager < 9.1.1117 - Cross-Site Scripting in Relay Diagnostic Page
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2014-6137. PoCs published by RedTeam Pentesting.
AI-analyzed exploit summary: The advisory describes a persistent XSS vulnerability in the IBM Endpoint Manager Relay Diagnostics page, where the 'url' parameter in a specific CGI script is susceptible to JavaScript injection. The injected code is stored and executed when the diagnostics page is accessed.
Description
Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.