CVE-2017-1753

Description

Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.

CVSS breakdown

Affected products

• ibm / Rational Collaborative Lifecycle Management5.0 – 5.0
• ibm / Rational Collaborative Lifecycle Management6.0.5 – 6.0.5
• ibm / Rational Collaborative Lifecycle Management6.0.4 – 6.0.4
• ibm / Rational Collaborative Lifecycle Management6.0.3 – 6.0.3
• ibm / Rational Collaborative Lifecycle Management6.0.2 – 6.0.2
• ibm / Rational Collaborative Lifecycle Management6.0.1 – 6.0.1
• ibm / Rational Collaborative Lifecycle Management6.0 – 6.0
• ibm / Rational Collaborative Lifecycle Management5.0.2 – 5.0.2
• ibm / Rational Collaborative Lifecycle Management5.0.1 – 5.0.1
• ibm / Rational DOORS Next Generation5.0.2 – 5.0.2
• ibm / Rational DOORS Next Generation5.0 – 5.0
• ibm / Rational DOORS Next Generation5.0.1 – 5.0.1
• ibm / Rational DOORS Next Generation6.0 – 6.0
• ibm / Rational DOORS Next Generation6.0.1 – 6.0.1
• ibm / Rational DOORS Next Generation6.0.2 – 6.0.2
• ibm / Rational DOORS Next Generation6.0.3 – 6.0.3
• ibm / Rational DOORS Next Generation6.0.4 – 6.0.4
• ibm / Rational DOORS Next Generation6.0.5 – 6.0.5
• ibm / Rational Engineering Lifecycle Manager5.0.2 – 5.0.2
• ibm / Rational Engineering Lifecycle Manager5.0 – 5.0
• ibm / Rational Engineering Lifecycle Manager5.0.1 – 5.0.1
• ibm / Rational Engineering Lifecycle Manager6.0 – 6.0
• ibm / Rational Engineering Lifecycle Manager6.0.1 – 6.0.1
• ibm / Rational Engineering Lifecycle Manager6.0.2 – 6.0.2
• ibm / Rational Engineering Lifecycle Manager6.0.3 – 6.0.3
• ibm / Rational Engineering Lifecycle Manager6.0.4 – 6.0.4
• ibm / Rational Engineering Lifecycle Manager6.0.5 – 6.0.5
• ibm / Rational Quality Manager5.0.1 – 5.0.1
• ibm / Rational Quality Manager5.0 – 5.0
• ibm / Rational Quality Manager6.0.5 – 6.0.5
• ibm / Rational Quality Manager6.0.4 – 6.0.4
• ibm / Rational Quality Manager6.0.3 – 6.0.3
• ibm / Rational Quality Manager6.0.2 – 6.0.2
• ibm / Rational Quality Manager6.0.1 – 6.0.1
• ibm / Rational Quality Manager6.0 – 6.0
• ibm / Rational Quality Manager5.0.2 – 5.0.2
• ibm / Rational Rhapsody Design Manager5.0.2 – 5.0.2
• ibm / Rational Rhapsody Design Manager5.0 – 5.0
• ibm / Rational Rhapsody Design Manager6.0.5 – 6.0.5
• ibm / Rational Rhapsody Design Manager6.0.4 – 6.0.4
• ibm / Rational Rhapsody Design Manager6.0.3 – 6.0.3
• ibm / Rational Rhapsody Design Manager6.0.2 – 6.0.2
• ibm / Rational Rhapsody Design Manager6.0.1 – 6.0.1
• ibm / Rational Rhapsody Design Manager6.0 – 6.0
• ibm / Rational Rhapsody Design Manager5.0.1 – 5.0.1
• ibm / Rational Software Architect Design Manager6.0.1 – 6.0.1
• ibm / Rational Software Architect Design Manager5.0.2 – 5.0.2
• ibm / Rational Software Architect Design Manager5.0 – 5.0
• ibm / Rational Software Architect Design Manager5.0.1 – 5.0.1
• ibm / Rational Software Architect Design Manager6.0 – 6.0
• ibm / Rational Team Concert5.0 – 5.0
• ibm / Rational Team Concert6.0.5 – 6.0.5
• ibm / Rational Team Concert6.0.3 – 6.0.3
• ibm / Rational Team Concert6.0.4 – 6.0.4
• ibm / Rational Team Concert6.0.2 – 6.0.2
• ibm / Rational Team Concert6.0.1 – 6.0.1
• ibm / Rational Team Concert6.0 – 6.0
• ibm / Rational Team Concert5.0.1 – 5.0.1

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/135655
• MISChttps://www.ibm.com/support/docview.wss?uid=ibm10713739