Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2016-2986 - Vulnerability Database
IBM RTC

IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2016-2986

Medium
Reference: CVE-2016-2986
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-2986
Title: IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6 Rational Quality Manager 6.x before 6.0.1 iFix6 Rational Team Concert 6.x before 6.0.1 iFix6 Rational DOORS Next Generation 6.x before 6.0.1 iFix6 Rational Engineering Lifecycle Manager 6.x before 6.0.1 iFix6 and Rational Rhapsody Design Manager 6.x before 6.0.1 iFix6 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.