CVE-2017-1278

Summary

IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124756.

Affected Software

VendorProductVersion RangeStatus
IBMRational DOORS Next Generation5.0.2affected
IBMRational DOORS Next Generation4.0.1affected
IBMRational DOORS Next Generation4.0.5affected
IBMRational DOORS Next Generation4.0.2affected
IBMRational DOORS Next Generation4.0.3affected
IBMRational DOORS Next Generation4.0.4affected
IBMRational DOORS Next Generation4.0.6affected
IBMRational DOORS Next Generation4.0.7affected
IBMRational DOORS Next Generation5.0affected
IBMRational DOORS Next Generation5.0.1affected
IBMRational DOORS Next Generation6.0affected
IBMRational DOORS Next Generation6.0.1affected
IBMRational DOORS Next Generation6.0.2affected
IBMRational DOORS Next Generation6.0.3affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References