CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2016-6055
https://notcve.org/view.php?id=CVE-2016-6055
23 Feb 2017 — IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1995515. IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la interfaz web alterando así la funcionalidad p... • http://www.ibm.com/support/docview.wss?uid=swg21995515 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2016-6060
https://notcve.org/view.php?id=CVE-2016-6060
15 Feb 2017 — An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. IBM Reference #: 1995547. Una vulnerabilidad no revelada en IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 podría permitir a un usuario JazzGuest ver nombres de proyectos. IBM Referencia #: 1995547. • http://www.ibm.com/support/docview.wss?uid=swg21995547 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 19EXPL: 0CVE-2017-1127
https://notcve.org/view.php?id=CVE-2017-1127
08 Feb 2017 — IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la interfaz Web alterando así la funcionalidad intencionada conduciendo pot... • http://www.ibm.com/support/docview.wss?uid=swg21996645 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1128
https://notcve.org/view.php?id=CVE-2017-1128
08 Feb 2017 — IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Rational DOORS Next Generation 4.0, 5.0 y 6.0 es vulnerable a XSS. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la interfaz Web alterando así la funcionalidad intencionada conduciendo po... • http://www.ibm.com/support/docview.wss?uid=swg21996645 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-9748
https://notcve.org/view.php?id=CVE-2016-9748
08 Feb 2017 — IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. IBM Rational DOORS Next Generation 5.0 y 6.0 revela información sensible en mensajes de respuesta a errores que puede ser usada para otros ataques contra el sistema. • http://www.ibm.com/support/docview.wss?uid=swg21991461 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 131EXPL: 0CVE-2015-4946
https://notcve.org/view.php?id=CVE-2015-4946
03 Jan 2016 — Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7... • http://www-01.ibm.com/support/docview.wss?uid=swg21973404 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.5EPSS: 0%CPEs: 131EXPL: 0CVE-2015-4962
https://notcve.org/view.php?id=CVE-2015-4962
03 Jan 2016 — Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF9, and 6.x before 6.0.1; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next ... • http://www-01.ibm.com/support/docview.wss?uid=swg21973404 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 131EXPL: 0CVE-2015-1971
https://notcve.org/view.php?id=CVE-2015-1971
03 Jan 2016 — Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF8 and 5.x before 5.0.2 IF10; Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Team Concert (RTC) 2.x and 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF8, and 5.x before 5.0.2 IF10; Rational Requirements Composer (RRC) 2.x and 3.x before 3.0.1.6 IF7 and 4.0 through 4.0.7; Rational DOORS Next Ge... • http://www-01.ibm.com/support/docview.wss?uid=swg21971164 •
CVSS: 6.8EPSS: 0%CPEs: 131EXPL: 0CVE-2015-1928
https://notcve.org/view.php?id=CVE-2015-1928
02 Jan 2016 — Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Ratio... • http://www-01.ibm.com/support/docview.wss?uid=swg21973200 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 53EXPL: 0CVE-2015-0130
https://notcve.org/view.php?id=CVE-2015-0130
20 Jul 2015 — Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated use... • http://www-01.ibm.com/support/docview.wss?uid=swg21960407 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •