CVE-2006-1384 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-1384

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Business Systems Manager (TBSM) before 3.1.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.

Affected Software

Name	Vendor	Start Version	End Version
Tivoli_business_systems_manager	Ibm	3.1 (including)	3.1 (including)

References

http://secunia.com/advisories/19332
http://securitytracker.com/id?1015822
http://www-1.ibm.com/support/docview.wss?uid=swg1OA14904
http://www.osvdb.org/24069
http://www.securityfocus.com/bid/17210
http://www.vupen.com/english/advisories/2006/1073
https://exchange.xforce.ibmcloud.com/vulnerabilities/25412