Description

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Remediation

References

CVE-2016-0331

Related Vulnerabilities

Oracle Database Server CVE-2015-0370 Vulnerability (CVE-2015-0370)

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6635)

WordPress Other Vulnerability (CVE-2007-4165)

WordPress Plugin Easy2Map Photos Cross-Site Scripting (2.0.6)

WordPress Plugin Simple Dropbox Upload Arbitrary File Upload (1.8.8)

Severity

Medium

Classification

CVE-2016-0331 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities