Medium severity5.4NVD Advisory· Published Jul 3, 2018· Updated Jun 17, 2026
CVE-2017-1651
CVE-2017-1651
Description
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133261.
Affected products
85.0 - 5.0.2, 6.0 - 6.0.5+ 1 more
- (no CPE)range: 5.0 - 5.0.2, 6.0 - 6.0.5
- (no CPE)range: 5.0
5.0 - 5.0.2, 6.0 - 6.0.5+ 1 more
- (no CPE)range: 5.0 - 5.0.2, 6.0 - 6.0.5
- (no CPE)range: 5.0
- osv-coords4 versionspkg:rpm/suse/rubygem-yajl-ruby&distro=SUSE%20Enterprise%20Storage%203pkg:rpm/suse/rubygem-yajl-ruby&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/rubygem-yajl-ruby&distro=SUSE%20OpenStack%20Cloud%206pkg:rpm/suse/rubygem-yajl-ruby&distro=SUSE%20OpenStack%20Cloud%207
< 1.3.1-4.3.2+ 3 more
- (no CPE)range: < 1.3.1-4.3.2
- (no CPE)range: < 1.3.1-4.3.2
- (no CPE)range: < 1.3.1-4.3.2
- (no CPE)range: < 1.3.1-4.3.2
Patches
Vulnerability mechanics
References
2- exchange.xforce.ibmcloud.com/vulnerabilities/133261nvdThird Party AdvisoryVDB Entry
- www-prd-trops.events.ibm.com/node/715749nvdBroken LinkThird Party Advisory
News mentions
0No linked articles in our index yet.