2 matches found
CVE-2020-4856
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190459...
CVE-2020-4856
CVE-2020-4856 is a stored cross-site scripting vulnerability in IBM Engineering products, notably IBM Engineering DOORS Next (and related ELN/LRM/RQM/EWM/RTC families). The Web UI can embed arbitrary JavaScript, potentially altering functionality and leading to credentials disclosure within a tru...