Vulnerability Details CVE-2014-4801
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 50.6%
CVSS Severity
CVSS v2 Score 3.5
Products affected by CVE-2014-4801
-
cpe:2.3:a:ibm:rational_quality_manager:2.0
-
cpe:2.3:a:ibm:rational_quality_manager:2.0.0.1
-
cpe:2.3:a:ibm:rational_quality_manager:2.0.0.2
-
cpe:2.3:a:ibm:rational_quality_manager:2.0.1
-
cpe:2.3:a:ibm:rational_quality_manager:3.0
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1.1
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1.2
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1.3
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1.4
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1.5
-
cpe:2.3:a:ibm:rational_quality_manager:3.0.1.6
-
cpe:2.3:a:ibm:rational_quality_manager:4.0
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.1
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.2
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.3
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.4
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.5
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.6
-
cpe:2.3:a:ibm:rational_quality_manager:4.0.7
-
cpe:2.3:a:ibm:rational_quality_manager:5.0.0