Cross site scripting

2021-03-0419:15:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.8%

JSON

IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190460.

CPENameOperatorVersion
doors_nexteq7.0
doors_nexteq7.0.1
doors_nexteq7.0.2
engineering_lifecycle_managementeq7.0.1
engineering_lifecycle_managementeq7.0
engineering_lifecycle_managementeq7.0.2
engineering_test_managementeq7.0.0
engineering_test_managementeq7.0.1
engineering_test_managementeq7.0.2
engineering_workflow_managementeq7.0

Name	Operator	Version
doors_next	eq	7.0
doors_next	eq	7.0.1
doors_next	eq	7.0.2
engineering_lifecycle_management	eq	7.0.1
engineering_lifecycle_management	eq	7.0
engineering_lifecycle_management	eq	7.0.2
engineering_test_management	eq	7.0.0
engineering_test_management	eq	7.0.1
engineering_test_management	eq	7.0.2
engineering_workflow_management	eq	7.0