CVE-2017-1352

IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt