Page 5 of 90 results (0.008 seconds)

CVSS: 5.4EPSS: 0%CPEs: 13EXPL: 0

IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142956. IBM Rational Collaborative Lifecycle Management, de la versión 5.0 a la 5.02 y desde la versión 6.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=ibm10732477 https://exchange.xforce.ibmcloud.com/vulnerabilities/142956 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143931. IBM Rational DOORS Next Generation, de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=ibm10719841 https://exchange.xforce.ibmcloud.com/vulnerabilities/143931 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655. Múltiples productos IBM Rational son vulnerables a inyección HTML. Un atacante remoto podría ejecutar código HTML malicioso que, cuando se visualice, se ejecutaría en el navegador web de la víctima en el contexto de seguridad del sitio anfitrión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/135655 https://www.ibm.com/support/docview.wss?uid=ibm10713739 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0

Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425. Múltiples productos IBM Rational son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/138425 https://www.ibm.com/support/docview.wss?uid=ibm10713739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139025. Los productos IBM Jazz Foundation (IBM Rational DOORS Next Generation, de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.5) son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=ibm10719817 http://www.securityfocus.com/bid/105003 https://exchange.xforce.ibmcloud.com/vulnerabilities/139025 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •