IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2016-0331
Reference:
CVE-2016-0331
Title:
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 6.0.1 and 6.0.2 before 6.0.2 iFix2 and Rational Collaborative Lifecycle Management 6.0.1 and 6.0.2 before 6.0.2 iFix2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.