Cross site scripting

2015-03-1301:59:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.4%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0122.

CPENameOperatorVersion
rational_team_concerteq4.0.0.2
rational_team_concerteq3.0
rational_team_concerteq4.0.5
rational_team_concerteq3.0.1.5
rational_team_concerteq5.0.0
rational_team_concerteq2.0.0.2
rational_team_concerteq4.0
rational_team_concerteq4.0.6
rational_team_concerteq4.0.4
rational_team_concerteq3.0.1.2

Name	Operator	Version
rational_team_concert	eq	4.0.0.2
rational_team_concert	eq	3.0
rational_team_concert	eq	4.0.5
rational_team_concert	eq	3.0.1.5
rational_team_concert	eq	5.0.0
rational_team_concert	eq	2.0.0.2
rational_team_concert	eq	4.0
rational_team_concert	eq	4.0.6
rational_team_concert	eq	4.0.4
rational_team_concert	eq	3.0.1.2