6 matches found
Cross site scripting
IBM DOORS Next Generation DNG/RRC 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
CVE-2020-4252
IBM DOORS Next Generation (DNG/RRC) is affected by a cross-site scripting vulnerability (CVE-2020-4252) in the Web UI for multiple 6.x releases (notably 6.0.2, 6.0.6, 6.0.6.1). The underlying issue allows an attacker to inject arbitrary JavaScript into the Web UI, potentially leading to credentia...
CVE-2019-4746
IBM DOORS Next Generation DNG/RRC 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
CVE-2019-4740
IBM DOORS Next Generation (DNG/RRC) 6.0.2–6.0.6.1 (including 6.0.61) are affected by a cross-site scripting flaw in the Web UI that can allow embedding arbitrary JavaScript and potentially disclose credentials within a trusted session. Root cause is a Web UI XSS vulnerability; affected components...
CVE-2019-4746
CVE-2019-4746 affects IBM DOORS Next Generation (DNG/RRC) Web UI. According to the IBM bulletin, multiple cross-site scripting defects exist in DNG/RRC versions 6.0.2, 6.0.6, and 6.0.6.1 (and related RDNG/DNG variants), allowing an attacker to inject arbitrary JavaScript into the Web UI, potentia...
CVE-2019-4737
IBM DOORS Next Generation DNG/RRC 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...