IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190460.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NIBM Doors Next
APPIbm7.07.0.17.0.2IBM Engineering Lifecycle Management
APPIbm7.07.0.17.0.2IBM Engineering Requirements Quality Assistant On Premises
APPIbmwszystkie wersjeIBM Engineering Test Management
APPIbm7.0.07.0.17.0.2IBM Engineering Workflow Management
APPIbm7.07.0.17.0.2IBM Global Configuration Management
APPIbmwszystkie wersjeIBM Rational Doors Next Generation
APPIbm6.0.26.0.66.0.6.1IBM Rational Quality Manager
APPIbm6.0.26.0.66.0.6.1IBM Rational Team Concert
APPIbm6.0.26.0.66.0.6.1
Related vulnerabilities
IBM Engineering Lifecycle Management — nieautoryzowany zapis plików konfiguracyjnych serwera
RCE poprzez race condition w IBM DOORS Next — CVE-2024-41787
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privi...
IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 th...
IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Inj...