Описание
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:dojofoundation:dojo_toolkit:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_clearquest:7.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00234
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue.
EPSS
Процентиль: 46%
0.00234
Низкий
5 Medium
CVSS2
Дефекты
CWE-200