CVE-2012-2160 in Rational Changeinfo

Summary

IBM Rational Change 5.3 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the SUPP_TEMPLATE_FLAG parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

04/04/2012

Disclosure

09/29/2022

Moderation

VulDB entry created

Entries

1: VDB-209721

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.8

EPSS

0.00150

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2160
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2160
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2160/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!