漏洞标题
N/A
漏洞描述信息
在IBM的爵士 foundation中的爵士团队服务器上的IBM rational 协作生命周期管理(CLM)4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5;IBM rational 质量管理器(RQM)4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5;IBM rational 团队 concert(RTC)4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5;IBM rational 需求编辑器(RRC)4.x 到4.0.7;以及IBM rational DOORS Next Generation (RDNG) 4.x 前4.0.7 IF6 和5.x 前5.0.2 IF5 允许通过精心配置的URL 向远程登录的用户注入任意的网页脚本或HTML。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款IBM产品跨站脚本漏洞
漏洞描述信息
IBM Rational Collaborative Lifecycle Management(CLM)等都是美国IBM公司的产品。IBM Rational CLM、Rational Team Concert(RTC)和Rational Engineering Lifecycle Manager都是协作化生命周期管理解决方案;Rational Quality Manager(RQM)是一套协作的、基于Web的质量管理解决方案;Rational Requirements Composer和Rational
CVSS信息
N/A
漏洞类别
跨站脚本