IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893.
CWE-79
CVE-2018-15562
CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php.
CVE-2018-15563
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
CVE-2018-15566
tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter.
CVE-2018-15567
CMSUno before 1.5.3 has XSS via the title field.
CVE-2018-1557
IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142955.
