Description

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136006.

Remediation

References

CVE-2017-1762

Related Vulnerabilities

WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727)

WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)

WordPress Plugin Homepage SlideShow Arbitrary File Upload (2.3)

WordPress Plugin WP User Manager-User Profile Builder & Membership Security Bypass (2.6.2)

Oracle Database Server CVE-2012-0525 Vulnerability (CVE-2012-0525)

Severity

Medium

Classification

CVE-2017-1762 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Tags

Missing Update Known Vulnerabilities