Cross site scripting

2015-03-1810:59:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.4%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0124.

CPENameOperatorVersion
rational_quality_managereq4.0.1
rational_quality_managereq2.0
rational_quality_managereq4.0.4
rational_quality_managereq3.0.1.1
rational_quality_managereq4.0.0.2
rational_quality_managereq4.0.7
rational_quality_managereq4.0.3
rational_quality_managereq3.0.1.2
rational_quality_managereq5.0.0
rational_quality_managereq4.0.5

Name	Operator	Version
rational_quality_manager	eq	4.0.1
rational_quality_manager	eq	2.0
rational_quality_manager	eq	4.0.4
rational_quality_manager	eq	3.0.1.1
rational_quality_manager	eq	4.0.0.2
rational_quality_manager	eq	4.0.7
rational_quality_manager	eq	4.0.3
rational_quality_manager	eq	3.0.1.2
rational_quality_manager	eq	5.0.0
rational_quality_manager	eq	4.0.5

Rows per page:

1-10 of 251

References

www-01.ibm.com/support/docview.wss?uid=swg21697126

www.securitytracker.com/id/1031885