PT-2018-5413 · Ibm · Ibm Quality Manager

Published

2018-07-06

Updated

2019-10-09

CVE-2017-1248

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: IBM Quality Manager (RQM) versions 5.0.x through 6.0.5

Description: A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

Recommendations: For versions 5.0.x through 6.0.5, update to a version that is not affected by this issue to prevent HTML injection attacks.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2017-1248

Affected Products

Ibm Quality Manager

PT-2018-5413 · Ibm · Ibm Quality Manager

CVE-2017-1248

Weakness Enumeration

Related Identifiers

Affected Products

References · 4