CVE-2008-5324: XSS
First published: Fri Dec 05 2008(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 2007 before 2007D and 2008 before 2008B allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational ClearQuest | =2008 | |
| IBM Rational ClearQuest | =2007 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-5324?
CVE-2008-5324 is classified with a medium severity due to its potential to allow cross-site scripting attacks.
How do I fix CVE-2008-5324?
To fix CVE-2008-5324, update IBM Rational ClearQuest to version 2008B or later.
What are the types of attacks associated with CVE-2008-5324?
CVE-2008-5324 is associated with cross-site scripting (XSS) attacks that allow attackers to inject arbitrary web scripts or HTML.
Which versions of IBM Rational ClearQuest are affected by CVE-2008-5324?
CVE-2008-5324 affects IBM Rational ClearQuest versions 2007 before 2007D and 2008 before 2008B.
What are the consequences of CVE-2008-5324?
The consequences of CVE-2008-5324 may include unauthorized access to user sessions and data manipulation through XSS exploitation.
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm rational clearquest
- version/ibm rational clearquest/2008
- version/ibm rational clearquest/2007