CVE-2015-7485
https://notcve.org/view.php?id=CVE-2015-7485
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108626. Vulnerabilidad de Cross-Site Scripting (XSS) en IBM Rational Engineering Lifecycle Manager 3.0 anterior a 3.0.1.6 iFix7 Interim Fix 1, 4.0 anterior a 4.0.7 iFix10, 5.0 anterior a 5.0.2 iFix15 y 6.0 anterior a 6.0.1 iFix4 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante vectores sin especificar. IBM X-Force ID: 108626. • http://www-01.ibm.com/support/docview.wss?uid=swg21983720 https://exchange.xforce.ibmcloud.com/vulnerabilities/108626 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-7486
https://notcve.org/view.php?id=CVE-2015-7486
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108633. Vulnerabilidad de Cross-Site Scripting (XSS) en IBM Rational Engineering Lifecycle Manager 3.0 anterior a 3.0.1.6 iFix7 Interim Fix 1, 4.0 anterior a 4.0.7 iFix10, 5.0 anterior a 5.0.2 iFix15 y 6.0 anterior a 6.0.1 iFix4 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante vectores sin especificar. IBM X-Force ID: 108633. • http://www-01.ibm.com/support/docview.wss?uid=swg21983720 https://exchange.xforce.ibmcloud.com/vulnerabilities/108633 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-7474
https://notcve.org/view.php?id=CVE-2015-7474
Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108501. Vulnerabilidad de Cross-Site Scripting (XSS) en Jazz Foundation en IBM Rational Engineering Lifecycle Manager 3.0 anterior a 3.0.1.6 iFix7 Interim Fix 1, 4.0 anterior a 4.0.7 iFix10, 5.0 anterior a 5.0.2 iFix15 y 6.0 anterior a 6.0.1 iFix4 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante vectores sin especificar. IBM X-Force ID: 108501. • http://www-01.ibm.com/support/docview.wss?uid=swg21983720 https://exchange.xforce.ibmcloud.com/vulnerabilities/108501 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1191
https://notcve.org/view.php?id=CVE-2017-1191
An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. IBM X-Force ID: 123661. Es posible que una vulnerabilidad no revelada en las aplicaciones CLM (incluido IBM Rational Collaborative Lifecycle Management 4.0, 5.0 y 6.0) no restrinja el acceso URL. IBM X-Force ID: 123661. • http://www.ibm.com/support/docview.wss?uid=swg22011815 https://exchange.xforce.ibmcloud.com/vulnerabilities/123661 •
CVE-2017-1365
https://notcve.org/view.php?id=CVE-2017-1365
IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 126858. IBM Team Concert (RTC incluido IBM Rational Collaborative Lifecycle Management 4.0, 5.0 y 6.0) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22011815 https://exchange.xforce.ibmcloud.com/vulnerabilities/126858 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •