Unrated severityNVD Advisory· Published May 1, 2014· Updated Jun 17, 2026
CVE-2014-0942
CVE-2014-0942
Description
Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941.
Affected products
2cpe:2.3:a:ibm:tivoli_netcool\/omnibus:7.4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:tivoli_netcool\/omnibus:7.4.0:*:*:*:*:*:*:*
- (no CPE)range: <7.4.0 FP2
Patches
Vulnerability mechanics
References
2- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/92401nvd
News mentions
0No linked articles in our index yet.