PT-2017-12687 · Ibm · Ibm Doors Next Generation
Published
2017-06-12
·
Updated
2017-06-16
·
CVE-2017-1278
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM DOORS Next Generation (DNG/RRC) versions 4.0 through 6.0
Description
The issue allows a remote attacker to inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. This is due to an HTML injection issue.
Recommendations
For versions 4.0 through 6.0, update to a version that includes a fix for this issue to prevent HTML injection attacks.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Doors Next Generation