CVSS: 4.3EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1509
https://notcve.org/view.php?id=CVE-2017-1509
06 Jul 2018 — IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719. Los productos IBM Jazz Foundation podrían permitir que un usuario autenticado obtenga información sensible de una traza de pila que se podría utilizar para futuros ataques. IBM X-Force ID: 129719. • https://exchange.xforce.ibmcloud.com/vulnerabilities/129719 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-1248
https://notcve.org/view.php?id=CVE-2017-1248
06 Jul 2018 — IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628. IBM Quality Manager (RQM) en versiones 5.0.x y desde la 6.0 hasta la 6.0.5 es vulnerable a inyección HTML. Un atacante remoto podría ejecutar código HTML malicioso que, cuando se visualiza, se ejecutaría en el navegador web de la víct... • http://www.ibm.com/support/docview.wss?uid=ibm10716201 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2017-1329
https://notcve.org/view.php?id=CVE-2017-1329
06 Jul 2018 — IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231. IBM Quality Manager (RQM) en versiones 5.0.x y desde la 6.0 hasta la 6.0.5 es vulnerable a inyección HTML. Un atacante remoto podría ejecutar código HTML malicioso que, cuando se visualiza, se ejecutaría en el navegador web de la víct... • http://www.ibm.com/support/docview.wss?uid=ibm10716201 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1488
https://notcve.org/view.php?id=CVE-2017-1488
06 Jul 2018 — An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627. Existe una vulnerabilidad no conocida en los productos comunes de Jazz que podría permitir la divulgación de información. IBM X-Force ID: 128627. • https://exchange.xforce.ibmcloud.com/vulnerabilities/128627 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1561
https://notcve.org/view.php?id=CVE-2017-1561
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131760. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/131760 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1562
https://notcve.org/view.php?id=CVE-2017-1562
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131761. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/131761 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1564
https://notcve.org/view.php?id=CVE-2017-1564
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131764. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/131764 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1565
https://notcve.org/view.php?id=CVE-2017-1565
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131765. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/131765 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1568
https://notcve.org/view.php?id=CVE-2017-1568
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131778. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/131778 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1592
https://notcve.org/view.php?id=CVE-2017-1592
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132493. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/132493 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •