Description

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.

Remediation

References

CVE-2017-1753

Related Vulnerabilities

Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)

WordPress Plugin WordPress Popups for Marketing and Email Newsletters, Lead Generation and Conversions by OptinMonster Cross-Site Scripting (2.6.0)

WordPress Plugin LearnPress-WordPress LMS Multiple Cross-Site Scripting Vulnerabilities (4.1.3)

WordPress Plugin Woocommerce Product Designer Arbitrary File Upload (3.0.3)

WordPress Plugin Under Construction Unspecified Vulnerability (3.85)

Severity

Medium

Classification

CVE-2017-1753 CWE-94 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities