CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2018-1758 – Ubuntu Security Notice USN-3852-1
https://notcve.org/view.php?id=CVE-2018-1758
10 Jan 2019 — IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148605. IBM Rational Collaborative Lifecycle Management 6.0 a 6.0.6.1 es vulnerable a los scripts entre sitios. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario e... • http://www.ibm.com/support/docview.wss?uid=ibm10956525 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1762
https://notcve.org/view.php?id=CVE-2018-1762
29 Nov 2018 — IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148616. IBM Rational Collaborative Lifecycle Management desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting (XSS).... • http://www.securityfocus.com/bid/106053 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1694
https://notcve.org/view.php?id=CVE-2018-1694
06 Nov 2018 — IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Ration... • http://www.ibm.com/support/docview.wss?uid=ibm10738301 •
CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1606
https://notcve.org/view.php?id=CVE-2018-1606
06 Nov 2018 — IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM ... • http://www.ibm.com/support/docview.wss?uid=ibm10738301 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 13EXPL: 0CVE-2018-1558
https://notcve.org/view.php?id=CVE-2018-1558
02 Oct 2018 — IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142956. IBM Rational Collaborative Lifecycle Management, de la versión 5.0 a la 5.02 y desde la versión 6.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting (XSS). Esta vu... • http://www.ibm.com/support/docview.wss?uid=ibm10732477 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1610
https://notcve.org/view.php?id=CVE-2018-1610
26 Sep 2018 — IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143931. IBM Rational DOORS Next Generation, de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.6, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que... • http://www.ibm.com/support/docview.wss?uid=ibm10719841 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0CVE-2017-1753
https://notcve.org/view.php?id=CVE-2017-1753
20 Aug 2018 — Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655. Múltiples productos IBM Rational son vulnerables a inyección HTML. Un atacante remoto podría ejecutar código HTML malicioso que, cuando se visualice, se ejecutaría en el navegador web de la víctima en el contexto de seguridad del sitio anfitrión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/135655 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.4EPSS: 0%CPEs: 11EXPL: 0CVE-2018-1394
https://notcve.org/view.php?id=CVE-2018-1394
20 Aug 2018 — Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425. Múltiples productos IBM Rational son vulnerables a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidad... • https://exchange.xforce.ibmcloud.com/vulnerabilities/138425 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1422
https://notcve.org/view.php?id=CVE-2018-1422
06 Aug 2018 — IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139025. Los productos IBM Jazz Foundation (IBM Rational DOORS Next Generation, de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.5) son vulne... • http://www.ibm.com/support/docview.wss?uid=ibm10719817 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1529
https://notcve.org/view.php?id=CVE-2018-1529
19 Jul 2018 — IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291. IBM Rational DOORS Next Generation de la versión 5.0 a la 5.0.2, la versión 6.0 hasta la 6.0.5 y IBM Rational Requirements Co... • http://www.ibm.com/support/docview.wss?uid=ibm10717531 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •