Rational Doors Web Access Security Vulnerabilities

CVE-2011-2679

Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2011-2680

Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response."

CVE-2011-2681

IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly handle exceptions, which has unspecified impact and remote attack vectors.

CVE-2011-2682

The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote authenticated users to cause a denial of service (license consumption) by trying to login to DOORS Web Access with a new user account that has never been used for a DOORS login.

CVE-2018-1975

IBM Rational DOORS Web Access 9.5.1 through 9.5.2.9, and 9.6 through 9.6.1.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...