CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1247
https://notcve.org/view.php?id=CVE-2017-1247
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript aleatorio en la interfaz Web, lo que alterará la funcionalidad planeada potencialmente llevando a la revelación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/99002 https://exchange.xforce.ibmcloud.com/vulnerabilities/124627 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1276
https://notcve.org/view.php?id=CVE-2017-1276
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript arbitrario en la interfaz web lo que alteraría la funcionalidad planeada llevando potencialmente a la revelación de las credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/99000 https://exchange.xforce.ibmcloud.com/vulnerabilities/124751 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1278
https://notcve.org/view.php?id=CVE-2017-1278
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a la inyección de código HTML. Un atacante remoto podría inyectar código HTML malicioso, el que cuando se vea, se ejecutaría en el navegador de la víctima dentro de un contexto seguro del sitio. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/98994 https://exchange.xforce.ibmcloud.com/vulnerabilities/124756 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2016-6055
https://notcve.org/view.php?id=CVE-2016-6055
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515. IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la interfaz web alterando así la funcionalidad prevista conduciendo potencialmente a divulgación de credenciales en una sesión de confianza. • http://www.ibm.com/support/docview.wss?uid=swg21995515 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2016-6060
https://notcve.org/view.php?id=CVE-2016-6060
An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547. Una vulnerabilidad no revelada en IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 podría permitir a un usuario JazzGuest ver nombres de proyectos. IBM Referencia #: 1995547. • http://www.ibm.com/support/docview.wss?uid=swg21995547 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •