PublicCVE

CVE-2017-1753

MEDIUM5.4JSON exportCreate alert

Description

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.

CVSS breakdown

CVSS 3.0
Availability
None
Attack Complexity
Low
Attack Vector
Network
Confidentiality
Low
Integrity
Low
Privileges Required
Low
Scope
Changed
User Interaction
Required
E
Unchanged
RC
Changed
RL
O

Affected products