Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Multiple cross-site scripting (XSS) vulnerabilities in the (1) ForwardController and (2) AttributeEditor scripts in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
The security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by. Rated low severity (CVSS 1.9). No vendor patch available.