Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibm | rational_clearquest | 7.1.1.3 |
| ibm | rational_clearquest | 7.1.1.2 |
| ibm | rational_clearquest | 7.1.1.1 |
| dojofoundation | dojo_toolkit | * |
| ibm | rational_clearquest | 7.1.2 |