CVE-2008-5325

Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: Dec 5, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5325
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
ibm / rational_clearquest	7.0.0.0	7.0.0.4
ibm / rational_clearquest	7.0.1	7.0.1.3

http://secunia.com/advisories/32847
http://www-01.ibm.com/support/docview.wss?uid=swg1PK69316
http://www.osvdb.org/50369
http://www.securityfocus.com/bid/32576

Vulnerability Database

289,871

CVE-2008-5325