CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2018-1916
https://notcve.org/view.php?id=CVE-2018-1916
14 Mar 2019 — IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152740. IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager, desde la versión 5.0 hasta la 6.0.6) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permit... • http://www.ibm.com/support/docview.wss?uid=ibm10875340 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1823
https://notcve.org/view.php?id=CVE-2018-1823
14 Mar 2019 — IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150426. IBM Rational Quality Manager, desde la versión 5.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usu... • http://www.ibm.com/support/docview.wss?uid=ibm10875318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1824
https://notcve.org/view.php?id=CVE-2018-1824
14 Mar 2019 — IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150427. IBM Rational Quality Manager, desde la versión 5.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usu... • http://www.ibm.com/support/docview.wss?uid=ibm10875318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1825
https://notcve.org/view.php?id=CVE-2018-1825
14 Mar 2019 — IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150428. IBM Rational Quality Manager, desde la versión 5.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usu... • http://www.ibm.com/support/docview.wss?uid=ibm10875318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1829
https://notcve.org/view.php?id=CVE-2018-1829
14 Mar 2019 — IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150432. IBM Rational Quality Manager, desde la versión 5.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usu... • http://www.ibm.com/support/docview.wss?uid=ibm10875318 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1658
https://notcve.org/view.php?id=CVE-2018-1658
14 Mar 2019 — IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 144884. IBM Jazz Founda... • http://www.ibm.com/support/docview.wss?uid=ibm10875340 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2018-1688
https://notcve.org/view.php?id=CVE-2018-1688
14 Mar 2019 — IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145509. IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 6.0.6) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabili... • http://www.ibm.com/support/docview.wss?uid=ibm10875340 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2018-1758 – Ubuntu Security Notice USN-3852-1
https://notcve.org/view.php?id=CVE-2018-1758
10 Jan 2019 — IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605. IBM Rational Collaborative Lifecycle Management 6.0 a 6.0.6.1 es vulnerable a los scripts entre sitios. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario e... • http://www.ibm.com/support/docview.wss?uid=ibm10956525 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1762
https://notcve.org/view.php?id=CVE-2018-1762
29 Nov 2018 — IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148616. IBM Rational Collaborative Lifecycle Management desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting (XSS).... • http://www.securityfocus.com/bid/106053 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1694
https://notcve.org/view.php?id=CVE-2018-1694
06 Nov 2018 — IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Ration... • http://www.ibm.com/support/docview.wss?uid=ibm10738301 •