CVE-2017-1364
IBM RELM (Rational Engineering Lifecycle Manager) versions 4.0.3–4.0.7, 5.0–5.0.2, and 6.0–6.0.4 are affected by a cross-site scripting vulnerability in the Web UI that can lead to credentials disclosure within a trusted session. Root cause is a reflected/stored XSS in the RELM web interface (as ...