CVE-2017-1324
https://notcve.org/view.php?id=CVE-2017-1324
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125975. IBM RELM 4.0, 5.0 y 6.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22008785 http://www.securityfocus.com/bid/101062 https://exchange.xforce.ibmcloud.com/vulnerabilities/125975 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1369
https://notcve.org/view.php?id=CVE-2017-1369
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126862. IBM RELM 4.0, 5.0 y 6.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22008785 http://www.securityfocus.com/bid/101062 https://exchange.xforce.ibmcloud.com/vulnerabilities/126862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1429
https://notcve.org/view.php?id=CVE-2017-1429
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127587. Las versiones 4.0, 5.0 y 6.0 de IBM RELM son vulnerables a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22008785 http://www.securityfocus.com/bid/101062 https://exchange.xforce.ibmcloud.com/vulnerabilities/127587 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1168
https://notcve.org/view.php?id=CVE-2017-1168
IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123187. IBM Rational Engineering Lifecycle Manager 4.0, 5.0, y 6.0 es vulnerable a ataques de tipo Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, alterando las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22006976 http://www.securityfocus.com/bid/100269 https://exchange.xforce.ibmcloud.com/vulnerabilities/123187 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-9700
https://notcve.org/view.php?id=CVE-2016-9700
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528. IBM Jazz Foundation podría permitir a un atacante autenticado obtener información confidencial de los rastreos de la pila de los mensajes de error. IBM X-Force ID: 119528. • http://www.ibm.com/support/docview.wss?uid=swg22005435 https://exchange.xforce.ibmcloud.com/vulnerabilities/119528 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •