Cross-Site Scripting Vulnerability in IBM Rational DOORS and Requirements Composer
CVE-2015-0125

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Requirements Composer
Vendor: CVE Published:; 18 March 2015

Summary

The vulnerability exists in IBM Rational DOORS Next Generation and Rational Requirements Composer, where remote authenticated users can inject arbitrary web scripts or HTML through specially crafted URLs. This flaw could potentially enable attackers to execute malicious scripts within the context of the user's session, compromising sensitive information and application integrity. Updates and patches should be applied promptly to mitigate the risks associated with this security issue.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21697297

x_refsource_CONFIRM

http://www.securityfocus.com/bid/73105

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 18, 2015
Vulnerability Reserved
Nov 18, 2014