CVE-2008-5325: XSS
First published: Fri Dec 05 2008(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational ClearQuest | >=7.0.0.0<7.0.0.4 | |
| IBM Rational ClearQuest | >=7.0.1<7.0.1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-5325?
CVE-2008-5325 is classified as a medium severity vulnerability due to its potential for cross-site scripting (XSS) attacks.
What versions of IBM Rational ClearQuest are affected by CVE-2008-5325?
CVE-2008-5325 affects IBM Rational ClearQuest versions 7.0.0 to 7.0.0.4 and 7.0.1 to 7.0.1.3.
How do I fix CVE-2008-5325?
To fix CVE-2008-5325, upgrade to IBM Rational ClearQuest version 7.0.0.4 or 7.0.1.3 or later.
What types of attacks are possible with CVE-2008-5325?
CVE-2008-5325 could allow attackers to inject arbitrary web scripts or HTML into affected applications.
What are the implications of exploiting CVE-2008-5325?
Exploiting CVE-2008-5325 can lead to unauthorized actions on behalf of users, data theft, or session hijacking.
- agent/references
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm rational clearquest
- version/ibm rational clearquest/7.0.0.0
- version/ibm rational clearquest/7.0.1