Page 15 of 135 results (0.008 seconds)

CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131760. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/131760 https://www-prd-trops.events.ibm.com/node/715749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force 124630. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/124630 https://www-prd-trops.events.ibm.com/node/715749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) contain an undisclosed vulnerability with the potential for information disclosure. IBM X-Force ID: 134820. IBM Jazz Team Server afecta a los siguientes productos IBM Rational: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) y Rational Software Architect (RSA DM) contienen una vulnerabilidad no revelada que tiene el potencial de provocar una divulgación de información. IBM X-Force ID: 134820. • http://www.ibm.com/support/docview.wss?uid=swg22015635 https://exchange.xforce.ibmcloud.com/vulnerabilities/134820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) could allow an authenticated user to cause a denial of service due to incorrect authorization for resource intensive scenarios. IBM X-Force ID: 134392. IBM Jazz Team Server afecta a los siguientes productos IBM Rational: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) y Rational Software Architect (RSA DM), que podrían permitir que un usuario autenticado provoque una denegación de servicio (DoS) debido a la autorización incorrecta para los escenarios que emplean una cantidad intensa de recursos. IBM X-Force ID: 134392. • http://www.ibm.com/support/docview.wss?uid=swg22015635 https://exchange.xforce.ibmcloud.com/vulnerabilities/134392 • CWE-863: Incorrect Authorization •

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users. IBM X-Force ID: 134915. IBM Jazz Team Server afecta a los siguientes productos IBM Rational: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) y Rational Software Architect (RSA DM) almacenan información potencialmente sensible en una caché que podría ser leída por usuarios autenticados. IBM X-Force ID: 134915. • http://www.ibm.com/support/docview.wss?uid=swg22015635 https://exchange.xforce.ibmcloud.com/vulnerabilities/134915 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •