IBM Rational Engineering Lifecycle Manager 5.0 up to and including 5.02 and 6.0 up to and including 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144885.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm rational engineering lifecycle manager |