2 matches found
Security Bulletin: Rational Host On-Demand administrative interface is vulnerable to DOM XSS (CVE-2015-5002)
Summary: IBM Rational Host On-Demand administrative interface is vulnerable to DOM XSS in multiple parameters, caused by improper validation of user-supplied input. Vulnerability Details: CVEID: CVE-2015-5002. DESCRIPTION: IBM Host On-Demand is vulnerable to cross-site scripting, caused by improper...
CVE-2015-5002
IBM Host On-Demand (11.0–11.0.14) is affected by a DOM XSS in the administrative interface caused by improper input validation. A remote attacker can trigger script execution via a crafted URL, potentially compromising user sessions. Remediation: upgrade to Host On-Demand 11.0.14 (special build) ...