[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Cross-site scripting (XSS) vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest via the File Description field

ID: oval:org.secpod.oval:def:7052Date: (C)2012-10-02   (M)2022-10-10
Class: VULNERABILITYFamily: windows




The host is installed with IBM Rational ClearQuest 7.1.x through 7.1.2.7 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle arbitrary web script. Successful exploitation could allow remote authenticated users to inject arbitrary web script or HTML via the File Description field.

Platform:
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product:
IBM Rational ClearQuest
Reference:
CVE-2012-2169
CVE    1
CVE-2012-2169
CPE    16
cpe:/a:ibm:rational_clearquest
cpe:/a:ibm:rational_clearquest:7.1.1.2
cpe:/a:ibm:rational_clearquest:7.1.2.1
cpe:/a:ibm:rational_clearquest:7.1.1.1
...

© SecPod Technologies