cpe:/a:ibm:rational_doors_next_generation:5.0 cpe:/a:ibm:rational_doors_next_generation:5.0.0 cpe:/a:ibm:rational_doors_next_generation:5.0.1 cpe:/a:ibm:rational_doors_next_generation:5.0.2 cpe:/a:ibm:rational_doors_next_generation:6.0.0 cpe:/a:ibm:rational_doors_next_generation:6.0.1 cpe:/a:ibm:rational_doors_next_generation:6.0.2 cpe:/a:ibm:rational_doors_next_generation:6.0.3 cpe:/a:ibm:rational_requirements_composer:4.0.1 cpe:/a:ibm:rational_requirements_composer:4.0.2 cpe:/a:ibm:rational_requirements_composer:4.0.3 cpe:/a:ibm:rational_requirements_composer:4.0.4 cpe:/a:ibm:rational_requirements_composer:4.0.5 cpe:/a:ibm:rational_requirements_composer:4.0.6 cpe:/a:ibm:rational_requirements_composer:4.0.7 CVE-2017-1247 2017-06-12T15:29:00.260-04:00 2017-06-16T08:51:56.063-04:00 3.5 NETWORK MEDIUM SINGLE_INSTANCE NONE PARTIAL NONE http://nvd.nist.gov 2017-06-15T20:11:51.997-04:00 BID 99002 CONFIRM http://www.ibm.com/support/docview.wss?uid=swg22002809 MISC https://exchange.xforce.ibmcloud.com/vulnerabilities/124627 IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627.