2 matches found
Security Bulletin: Vulnerability in Rational DOORS Next Generation with potential for Cross-Site Scripting attack (CVE-2017-1127, CVE-2017-1128)
Summary Security Bulletin: Vulnerability in Rational DOORS Next Generation with potential for Cross-Site Scripting attack. Vulnerability Details CVEID: CVE-2017-1127 DESCRIPTION: IBM DOORS Next Generation DNG/RRC is vulnerable to cross-site scripting. This vulnerability allows users to embed...
CVE-2017-1128
IBM DOORS Next Generation (DNG/RRC) versions affected: 4.0, 5.0, and 6.0. The Web UI is vulnerable to cross-site scripting via embedded JavaScript, enabling potential credential disclosure in a trusted session. Root cause: reflected/stored XSS in the Web UI (details are described in the IBM Secur...