Description
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153495.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2021-2173 Vulnerability (CVE-2021-2173)
Drupal Cryptographic Issues Vulnerability (CVE-2013-6386)
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7852)