Description

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379.

Remediation

References

CVE-2017-1655

Related Vulnerabilities

WordPress Plugin Search & Filter Cross-Site Scripting (1.2.15)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-2679)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35611)

IBM WebSEAL Missing Authorization Vulnerability (CVE-2020-4499)

WordPress Plugin Vodpod Video Gallery 'gid' Parameter Cross-Site Scripting (3.1.5)

Severity

Medium

Classification

CVE-2017-1655 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities