Description
IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148616.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2017-10285 Vulnerability (CVE-2017-10285)
WordPress Plugin Import all XML, CSV & TXT into WordPress Security Bypass (6.4.1)
WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-2351)
WordPress Plugin Smart Slideshow 'upload.php' Arbitrary File Upload (2.1)