CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1317
https://notcve.org/view.php?id=CVE-2017-1317
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125729. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/125729 https://www-prd-trops.events.ibm.com/node/715749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1690
https://notcve.org/view.php?id=CVE-2017-1690
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134065. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/134065 https://www-prd-trops.events.ibm.com/node/715749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1561
https://notcve.org/view.php?id=CVE-2017-1561
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131760. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/131760 https://www-prd-trops.events.ibm.com/node/715749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1250
https://notcve.org/view.php?id=CVE-2017-1250
IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force 124630. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • https://exchange.xforce.ibmcloud.com/vulnerabilities/124630 https://www-prd-trops.events.ibm.com/node/715749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0CVE-2017-1725
https://notcve.org/view.php?id=CVE-2017-1725
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) contain an undisclosed vulnerability with the potential for information disclosure. IBM X-Force ID: 134820. IBM Jazz Team Server afecta a los siguientes productos IBM Rational: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) y Rational Software Architect (RSA DM) contienen una vulnerabilidad no revelada que tiene el potencial de provocar una divulgación de información. IBM X-Force ID: 134820. • http://www.ibm.com/support/docview.wss?uid=swg22015635 https://exchange.xforce.ibmcloud.com/vulnerabilities/134820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •