Description

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0122.

Remediation

References

CVE-2015-0123

Related Vulnerabilities

WordPress Plugin Cimy User Manager 'cimy_um_filename' Parameter Arbitrary File Disclosure (1.4.2)

WordPress Plugin WP Support Plus Responsive Ticket System Security Bypass (7.1.4)

WordPress Plugin CMS Tree Page View Security Bypass (1.3.4)

Magento Improper Input Validation Vulnerability (CVE-2019-7885)

CKEditor Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-32808)

Severity

Low

Classification

CVE-2015-0123 CWE-707

Tags

Missing Update Known Vulnerabilities