Description

IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119821.

Remediation

References

CVE-2016-9746

Related Vulnerabilities

WordPress 3.0.4 Multiple Vulnerabilities (0.6.2 - 3.0.4)

WordPress Plugin WPS Limit Login Multiple Vulnerabilities (1.4.5)

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.33)

Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2022-42129)

Artifactory Deserialization of Untrusted Data Vulnerability (CVE-2022-0573)

Severity

Medium

Classification

CVE-2016-9746 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities