Description

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0122.

Remediation

References

CVE-2015-0123

Related Vulnerabilities

XWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2023-29520)

phpBB Improper Input Validation Vulnerability (CVE-2006-2220)

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3759)

WordPress Plugin The Events Calendar Countdown Addon Security Bypass (1.3.1)

Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18083)

Severity

Low

Classification

CVE-2015-0123 CWE-707

Tags

Missing Update Known Vulnerabilities