CVE-2010-4600

Dojo Toolkit - Exposure of Sensitive Information via Cookie Access

Title source: llm
STIX 2.1

Description

Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue.

References (3)

Core 3
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM15146
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42624

Scores

EPSS 0.0123
EPSS Percentile 65.3%

Details

CWE
CWE-200
Status published
Products (5)
dojofoundation/dojo_toolkit
ibm/rational_clearquest 7.1.1.1
ibm/rational_clearquest 7.1.1.2
ibm/rational_clearquest 7.1.1.3
ibm/rational_clearquest 7.1.2
Published Dec 29, 2010
Tracked Since Feb 18, 2026