Published on 26/02/14 - Updated on 29/08/17
Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 126.96.36.199 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file.
CWE-79 (Cross-Site Scripting (XSS))
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
No exploits available for this CVE in our database.