Cross-Site Scripting Vulnerability in IBM Rational ClearQuest
CVE-2012-5757

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Clearquest
Vendor: CVE Published:; 21 March 2013

Summary

A cross-site scripting vulnerability exists in the Web Client of IBM Rational ClearQuest versions 7.1.x prior to 7.1.2.10 and 8.x prior to 8.0.0.6. This flaw can allow remote attackers to execute arbitrary web scripts or HTML by tricking users into clicking specially crafted URLs. Successful exploitation may lead to unauthorized actions within the context of the user's session.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PM77153

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/80061

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21619993

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 21, 2013
Vulnerability Reserved
Nov 2, 2012