The OSLC interface in the Web Client (aka CQ Web) in IBM Rational ClearQuest 7.1.2.x before 7.1.2.9 and 8.0.0.x before 8.0.0.5 allows remote attackers to conduct phishing attacks via a FRAME element.Referenceshttp://www-01.ibm.com/support/docview.wss?uid=swg21620342http://www.securitytracker.com/id?1027889https://exchange.xforce.ibmcloud.com/vulnerabilities/79068
