VYPR
Medium severity5.4NVD Advisory· Published Nov 30, 2016· Updated Jun 17, 2026

CVE-2016-5905

CVE-2016-5905

Description

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.10 IF3 and 7.6 before 7.6.0.5 IF2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.5.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.6.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:maximo_asset_management:7.6.0.4:*:*:*:*:*:*:*
    • (no CPE)range: <7.5.0.10 IF3, <7.6.0.5 IF2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.