CVE-2007-4368

SQL injection vulnerability in /main in IBM Rational ClearQuest CQ Web 7.0.0.0-IFIX02 and 7.0.0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter in a GenerateMainFrame command...

CVE-2007-1468

Cross-site scripting XSS vulnerability in IBM Rational ClearQuest CQ Web 7.0.0.0 allows remote attackers to inject arbitrary web script or HTML via an attachment to a defect log entry...

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Rational ClearQuest CQ Web 7.0.0.0 allows remote attackers to inject arbitrary web script or HTML via an attachment to a defect log entry...