top of page

Sentence 21

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143498.

Actual

  • Exploit mechanism: cross-site scripting

  • Exploit objective: altering the intended functionality, credentials disclosure

  • Attack pathway: embed arbitrary JavaScript code

Predicted

  • Exploit mechanism: cross-site scripting

  • Exploit objective: altering the intended functionality, credentials disclosure

  • Attack pathway: embed arbitrary JavaScript code in the Web UI

bottom of page