First published: Fri Mar 08 2019(Updated: )
IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150428.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Rational Collaborative Lifecycle Management | >=5.0<=6.0.6 | |
IBM Rational Quality Manager | >=5.0<=6.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-1825.
The severity of CVE-2018-1825 is medium, with a severity value of 5.4.
IBM Rational Quality Manager versions 5.0 through 6.0.6 are affected.
This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.
Yes, you can find more information at the following references: [1](http://www.ibm.com/support/docview.wss?uid=ibm10875318), [2](http://www.securityfocus.com/bid/107433), [3](https://exchange.xforce.ibmcloud.com/vulnerabilities/150428).