CVE-2014-0853

Name of the Vulnerable Software and Affected Versions IBM Rational Focal Point versions 6.4.x through 6.5.x before 6.5.2.3 IBM Rational Focal Point versions 6.6.x before 6.6.1

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the ForwardController and AttributeEditor scripts. These vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For IBM Rational Focal Point versions 6.4.x through 6.5.x before 6.5.2.3, update to version 6.5.2.3 or later. For IBM Rational Focal Point versions 6.6.x before 6.6.1, update to version 6.6.1 or later.