2 matches found
Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8
Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...
CVE-2023-50305
CVE-2023-50305 affects IBM Engineering Requirements Management DOORS family (DOORS 9.7.2.7; DOORS Web Access 9.7.2.7; Rational DOORS/DOORS Web Access 9.6.1.x). According to the IBM bulletin, the issue is a design/logic flaw where users by default do not have strong passwords, enabling easier comp...