关于 CVE-2015-0130 的漏洞信息

1. 漏洞描述
From NVD
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
From 神龙GPT (AIGC)
在IBM的爵士 foundation中的爵士团队服务器上的IBM rational 协作生命周期管理(CLM)4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5;IBM rational 质量管理器(RQM)4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5;IBM rational 团队 concert(RTC)4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5;IBM rational 需求编辑器(RRC)4.x 到4.0.7;以及IBM rational DOORS Next Generation (RDNG) 4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5 允许通过精心配置的URL 向远程登录的用户注入任意的网页脚本或HTML。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference