CVE-2017-1099
https://notcve.org/view.php?id=CVE-2017-1099
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659. Jazz Foundation de IBM, podría exponer información potencialmente confidencial a los usuarios autenticados por medio de condiciones de error de rastreo de pila. ID de IBM X-Force: 120659. • http://www.ibm.com/support/docview.wss?uid=swg22004534 https://exchange.xforce.ibmcloud.com/vulnerabilities/120659 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-1247
https://notcve.org/view.php?id=CVE-2017-1247
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript aleatorio en la interfaz Web, lo que alterará la funcionalidad planeada potencialmente llevando a la revelación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/99002 https://exchange.xforce.ibmcloud.com/vulnerabilities/124627 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1278
https://notcve.org/view.php?id=CVE-2017-1278
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a la inyección de código HTML. Un atacante remoto podría inyectar código HTML malicioso, el que cuando se vea, se ejecutaría en el navegador de la víctima dentro de un contexto seguro del sitio. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/98994 https://exchange.xforce.ibmcloud.com/vulnerabilities/124756 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1276
https://notcve.org/view.php?id=CVE-2017-1276
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124751. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript arbitrario en la interfaz web lo que alteraría la funcionalidad planeada llevando potencialmente a la revelación de las credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22002809 http://www.securityfocus.com/bid/99000 https://exchange.xforce.ibmcloud.com/vulnerabilities/124751 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-9735
https://notcve.org/view.php?id=CVE-2016-9735
IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781, IBM Jazz Foundation podría permitir que un usuario autenticado obtenga información confidencial de las trazas de pila. IBM X-Force ID: 119781 • http://www.ibm.com/support/docview.wss?uid=swg22003064 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •