CVE-2013-5404

Опубликовано: 10 дек. 2013

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:rational_quality_manager:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:2.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:2.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:2.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00166

Низкий

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-gj3g-f445-3rm6

github

больше 3 лет назад