CVE-2013-5404
https://notcve.org/view.php?id=CVE-2013-5404
Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element. Vulenrabilidad Cross-site scripting (XSS) en la aplicación de búsqueda en IBM Rational Quality Manager (RQM) 2.0 a 2.0.1.1, 3.0.1.6 3.x antes iFix 1, 4.x antes de 4.0.5, tal como se utiliza en Rational Team Concert, Rational Requirements Composer, y otros productos, permite a usuarios remotos autenticados inyectar web scripts o HTML a través de vectores relacionados con un elemento IFRAME. • http://www-01.ibm.com/support/docview.wss?uid=swg21653689 https://exchange.xforce.ibmcloud.com/vulnerabilities/87318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-2607
https://notcve.org/view.php?id=CVE-2011-2607
Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165513. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en IBM Rational Team Concert (RTC) v3.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un parámetro no especificado. También conocido cómo Work Item 165513. • http://secunia.com/advisories/44926 http://www.ibm.com/support/docview.wss?uid=swg1PM40311 http://www.osvdb.org/73198 http://www.securityfocus.com/bid/48356 https://exchange.xforce.ibmcloud.com/vulnerabilities/68119 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2011-2606
https://notcve.org/view.php?id=CVE-2011-2606
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Rational Team Concert (RTC) 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165511. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Web UI in IBM Rational Team Concert (RTC) v3.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un parámetro no especificado, también conocido cómo Work Item 165511. • http://secunia.com/advisories/44926 http://www.ibm.com/support/docview.wss?uid=swg1PM40308 http://www.osvdb.org/73198 http://www.securityfocus.com/bid/48356 https://exchange.xforce.ibmcloud.com/vulnerabilities/68119 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •