CVSS: 5.4EPSS: 0%CPEs: 10EXPL: 0CVE-2017-1546
https://notcve.org/view.php?id=CVE-2017-1546
IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915. IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22010321 http://www.securityfocus.com/bid/101895 https://exchange.xforce.ibmcloud.com/vulnerabilities/130915 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2017-1338
https://notcve.org/view.php?id=CVE-2017-1338
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22004138 http://www.securityfocus.com/bid/100353 https://exchange.xforce.ibmcloud.com/vulnerabilities/126246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1247
https://notcve.org/view.php?id=CVE-2017-1247
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript aleatorio en la interfaz Web, lo que alterará la funcionalidad planeada potencialmente llevando a la revelación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/99002 https://exchange.xforce.ibmcloud.com/vulnerabilities/124627 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1276
https://notcve.org/view.php?id=CVE-2017-1276
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript arbitrario en la interfaz web lo que alteraría la funcionalidad planeada llevando potencialmente a la revelación de las credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/99000 https://exchange.xforce.ibmcloud.com/vulnerabilities/124751 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1278
https://notcve.org/view.php?id=CVE-2017-1278
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a la inyección de código HTML. Un atacante remoto podría inyectar código HTML malicioso, el que cuando se vea, se ejecutaría en el navegador de la víctima dentro de un contexto seguro del sitio. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/98994 https://exchange.xforce.ibmcloud.com/vulnerabilities/124756 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •