HTML Injection Vulnerability in IBM Rational Products
CVE-2017-1753

5.4MEDIUM

Summary

Multiple IBM Rational products are at risk due to a vulnerability that allows for HTML injection. This issue enables a remote attacker to inject malicious HTML code, which can be executed in the victim's web browser when the compromised content is viewed. This could lead to unauthorized actions and data leakage in the context of the hosting site.

Affected Version(s)

Rational Collaborative Lifecycle Management 5.0

Rational Collaborative Lifecycle Management 5.0.1

Rational Collaborative Lifecycle Management 5.0.2

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.