Description
Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sliced Invoices-WordPress Invoice Multiple Vulnerabilities (3.8.2)
WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)
WordPress Anti-CSRF Token Security Bypass Weakness (3.3.1)
WordPress Plugin Easy Google Fonts Cross-Site Scripting (1.3.6)
WordPress Plugin Improved Sale Badges for WooCommerce Security Bypass (4.3.2)