CVE-2020-4663

Name of the Vulnerable Software and Affected Versions IBM Engineering Requirements Quality Assistant On-Premises (affected versions not specified)

Description The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. This is due to a cross-site scripting vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.