CVE-2014-0843

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
3.5LOW
EPSS
0.3%
top 51.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Focal Point
Timeline
PublishedFeb 26
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDibm/rational_focal_point17 versions+16

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-wc83-j7mg-m426: Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 62022-05-17
CVEList
CVE-2014-0843: Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 62014-02-25
CVE-2014-0843 (LOW CVSS 3.5) | Cross-site scripting (XSS) vulnerab | cvebase.io