CVE-2012-0737

IBM Rational AppScan Enterprise <8.5.0.1 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (5)

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21592188

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/53247

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74560

[Third Party Advisory] http://secunia.com/advisories/48967

[Third Party Advisory] http://secunia.com/advisories/48968

Scores

EPSS 0.0021

EPSS Percentile 43.0%

Classification

CWE

CWE-79

Status published

Affected Products (16)

ibm/rational_appscan

... and 1 more

Timeline

Published May 03, 2012

Tracked Since Feb 18, 2026