Description
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153495.
Remediation
References
Related Vulnerabilities
MyBB Improper Input Validation Vulnerability (CVE-2016-9420)
MySQL CVE-2018-3123 Vulnerability (CVE-2018-3123)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14830)
Apache Traffic Server CVE-2015-5168 Vulnerability (CVE-2015-5168)
Oracle HTTP Server CVE-2016-0671 Vulnerability (CVE-2016-0671)