漏洞标题
N/A
漏洞描述信息
在IBM Rational Collaborative Lifecycle Management 6.x 6.0.1 iFix6之前,Rational Quality Manager 6.x、Rational Team Concert 6.x、Rational DOORS Next Generation 6.x、Rational Engineering Lifecycle Manager 6.x 和 Rational Rhapsody Design Manager 6.x 都存在着跨站脚本(XSS)漏洞,允许远程登录的用户通过未指定 vectors 注入任意的网页脚本或 HTML。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality Manager 6.x before 6.0.1 iFix6, Rational Team Concert 6.x before 6.0.1 iFix6, Rational DOORS Next Generation 6.x before 6.0.1 iFix6, Rational Engineering Lifecycle Manager 6.x before 6.0.1 iFix6, and Rational Rhapsody Design Manager 6.x before 6.0.1 iFix6 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款IBM产品跨站脚本漏洞
漏洞描述信息
IBM Rational Collaborative Lifecycle Management(CLM)等都是美国IBM公司的产品。IBM Rational CLM、Rational Team Concert(RTC)和Rational Engineering Lifecycle Manager都是协作化生命周期管理解决方案;Rational Quality Manager(RQM)是一套协作的、基于Web的质量管理解决方案;Rational Requirements Composer和Rational
CVSS信息
N/A
漏洞类别
跨站脚本