CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2017-1239
https://notcve.org/view.php?id=CVE-2017-1239
06 Jul 2018 — IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357. IBM Quality Manager (RQM) en versiones 5.0.x y desde la 6.0 hasta la 6.0.5 podría revelar información sensible en respuestas de error "HTTP 500: Error interno del servidor". IBM X-Force ID: 124357. • http://www.ibm.com/support/docview.wss?uid=ibm10716201 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1509
https://notcve.org/view.php?id=CVE-2017-1509
06 Jul 2018 — IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719. Los productos IBM Jazz Foundation podrían permitir que un usuario autenticado obtenga información sensible de una traza de pila que se podría utilizar para futuros ataques. IBM X-Force ID: 129719. • https://exchange.xforce.ibmcloud.com/vulnerabilities/129719 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2017-1242
https://notcve.org/view.php?id=CVE-2017-1242
06 Jul 2018 — IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124524. IBM Quality Manager (RQM) en versiones 5.0.x y desde la 6.0 hasta la 6.0.5 es vulnerable a inyección HTML. Un atacante remoto podría ejecutar código HTML malicioso que, cuando se visualiza, se ejecutaría en el navegador web de la víct... • http://www.ibm.com/support/docview.wss?uid=ibm10716201 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1237
https://notcve.org/view.php?id=CVE-2017-1237
06 Jul 2018 — IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355. Las aplicaciones basadas en IBM Jazz son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalida... • https://exchange.xforce.ibmcloud.com/vulnerabilities/124355 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1277
https://notcve.org/view.php?id=CVE-2017-1277
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124752. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/124752 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1299
https://notcve.org/view.php?id=CVE-2017-1299
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/125161 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1293
https://notcve.org/view.php?id=CVE-2017-1293
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125154. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/125154 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1281
https://notcve.org/view.php?id=CVE-2017-1281
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124759. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/124759 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1621
https://notcve.org/view.php?id=CVE-2017-1621
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133088. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/133088 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 18EXPL: 0CVE-2017-1315
https://notcve.org/view.php?id=CVE-2017-1315
03 Jul 2018 — IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125727. IBM Rational Quality Manager y IBM Rational Collaborative Lifecycle Management, desde la versión 5.0 hasta la 5.0.2 y desde la versió... • https://exchange.xforce.ibmcloud.com/vulnerabilities/125727 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •