Description

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0122.

Remediation

References

CVE-2015-0123

Related Vulnerabilities

MySQL CVE-2014-2430 Vulnerability (CVE-2014-2430)

XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-29511)

Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)

WordPress Plugin Booster for WooCommerce Security Bypass (5.4.3)

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-3953)

Severity

Low

Classification

CVE-2015-0123 CWE-707

Tags

Missing Update Known Vulnerabilities