The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote malicious users to obtain potentially sensitive information (page source code) via a combination of ?script? and ?/script? sequences in the id field, possibly related to a cross-site scripting (XSS) vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm rational clearquest 7.0.1 |