CVE-2008-5325

IBM Rational ClearQuest <7.0.0.4, <7.0.1.3 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 7.0.0 before 7.0.0.4 and 7.0.1 before 7.0.1.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (4)

[Third Party Advisory] http://secunia.com/advisories/32847

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg1PK69316

[Broken Link] http://www.osvdb.org/50369

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/32576

Scores

EPSS 0.0032

EPSS Percentile 54.9%

Classification

CWE

CWE-79

Status published

Affected Products (2)

ibm/rational_clearquest < 7.0.0.4

n/a/n/a

Timeline

Published Dec 05, 2008

Tracked Since Feb 18, 2026