Cross-Site Scripting Vulnerability in IBM Rational Focal Point
CVE-2014-0840

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Focal Point
Vendor: CVE Published:; 26 February 2014

Summary

Several cross-site scripting (XSS) vulnerabilities have been identified in IBM Rational Focal Point versions 6.4.x and 6.5.x prior to 6.5.2.3, as well as 6.6.x versions before 6.6.1. These vulnerabilities allow remote authenticated users to execute arbitrary web scripts or HTML injections through unspecified vectors. Successful exploitation may lead to the exposure of sensitive data or session hijacking, emphasizing the need for immediate updates and remediation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90698

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/65737

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg21665005

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 26, 2014
Vulnerability Reserved
Jan 6, 2014