79 matches found
CVE-2018-1657
IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID:...
CVE-2018-1657
IBM Publishing Engine versions 2.1.2, 6.0.5, and 6.0.6 are vulnerable to cross-site scripting (CWE) via the Web UI, allowing an attacker to embed arbitrary JavaScript and potentially disclose credentials in a trusted session. Remediation provided by IBM bulletin includes upgrading to later ifix p...
CVE-2018-1951
The CVE applies to IBM Publishing Engine versions 2.1.2, 6.0.5, and 6.0.6, where a cross‑site scripting vulnerability could allow injection of arbitrary JavaScript into the Web UI, potentially leading to credentials disclosure within a trusted session. The CVSS v3.0 base score is 5.4 (MEDIUM), wi...
Security Bulletin: Vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JSSE...
Security Bulletin: Vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private...
IBM Rational Publishing Engine Cross-Site Scripting Vulnerability
IBM Rational Publishing Engine is a set of document automation solutions from IBM. The program can generate Rational product documentation , but also supports the choice of other vendors to generate documentation for the application . A cross-site scripting vulnerability exists in IBM Rational...
IBM Rational Publishing Engine Cross-Site Scripting Vulnerability (CNVD-2018-21188 )
IBM Rational Publishing Engine is a set of document automation solutions from IBM. The program can generate Rational product documentation , but also supports the choice of other vendors to generate documentation for the application . A cross-site scripting vulnerability exists in IBM Rational...
CVE-2018-1533
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2018-1533
IBM Rational Publishing Engine versions 6.0.5 and 6.0.6 are affected by a cross-site scripting vulnerability that lets an attacker embed arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. Affected products/versions: Rational Publishing Engi...
CVE-2018-1534
IBM Rational Publishing Engine 6.0.5 and 6.0.6 are affected by a cross-site scripting (XSS) vulnerability in the Web UI that can let an attacker inject arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. The issue is tied to the Rational Publishing Engine...
CVE-2018-1534
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Cross site scripting
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Cross site scripting
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2018-1533
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2018-1534
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2018-1534
IBM Rational Publishing Engine 6.0.5 and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Security Bulletin: Cross-site scripting vulnerabilities affect Rational Publishing Engine
Summary There are multiple vulnerabilities with potential for cross-site scripting affecting Rational Publishing Engine. Vulnerability Details CVEID: CVE-2018-1533 DESCRIPTION: IBM Publishing Engine is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScri...
Security Bulletin: Vulnerabilities in IBM Java Runtime affect Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2018-2663 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit...
Security Bulletin: Potential hard-coded password vulnerability affects Rational Publishing Engine
Summary An undisclosed hard-coded password vulnerability affects Rational Publishing Engine. Vulnerability Details CVE ID: CVE-2017-1787 DESCRIPTION: IBM Publishing Engine contains an undisclosed vulnerability that could allow a local user with administrative privileges to obtain hard coded user...
Security Bulletin: Vulnerabilities in IBM Java Runtime affects Rational Publishing Engine
Summary There are multiple vulnerabilities in IBM Java Runtime Environment, Versions 7 and 8 that are used by Rational Publishing Engine. Vulnerability Details CVEID: CVE-2017-10295 DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit...