CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1529
https://notcve.org/view.php?id=CVE-2018-1529
19 Jul 2018 — IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291. IBM Rational DOORS Next Generation de la versión 5.0 a la 5.0.2, la versión 6.0 hasta la 6.0.5 y IBM Rational Requirements Co... • http://www.ibm.com/support/docview.wss?uid=ibm10717531 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0CVE-2017-1790
https://notcve.org/view.php?id=CVE-2017-1790
12 Apr 2018 — IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137035. IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1 y 5.0.2 y desde la versión 6.0 hasta la 6.0.5 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios em... • http://www.ibm.com/support/docview.wss?uid=swg22012660 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.3EPSS: 0%CPEs: 44EXPL: 0CVE-2015-7449
https://notcve.org/view.php?id=CVE-2015-7449
20 Mar 2018 — IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Gen... • http://www-01.ibm.com/support/docview.wss?uid=swg21985143 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-326: Inadequate Encryption Strength •
CVSS: 7.8EPSS: 0%CPEs: 41EXPL: 0CVE-2015-7440
https://notcve.org/view.php?id=CVE-2015-7440
15 Mar 2018 — IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements... • http://www-01.ibm.com/support/docview.wss?uid=swg21982747 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 41EXPL: 0CVE-2015-7453
https://notcve.org/view.php?id=CVE-2015-7453
15 Mar 2018 — Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0... • http://www-01.ibm.com/support/docview.wss?uid=swg21982747 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 41EXPL: 0CVE-2015-7471
https://notcve.org/view.php?id=CVE-2015-7471
15 Mar 2018 — Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0... • http://www-01.ibm.com/support/docview.wss?uid=swg21982747 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 130EXPL: 0CVE-2016-0219
https://notcve.org/view.php?id=CVE-2016-0219
16 Jan 2018 — XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote authenticated users to cause a denial of service via crafted XML data. IBM X-Force ID: 109693. Vulnerabilidad de XEE (XML External Entity) en IBM Rational Team Concert 3.0 en versiones anteriores a la 3.0.1.6 iFix7 Interim Fix 1, 4.0 en versiones anteriores a la 4.0.7 iFix10, 5.0 en versiones anteriores a la 5.... • http://www-01.ibm.com/support/docview.wss?uid=swg21983720 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.4EPSS: 0%CPEs: 10EXPL: 0CVE-2017-1546
https://notcve.org/view.php?id=CVE-2017-1546
13 Dec 2017 — IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130915. IBM DOORS Next Generation (DNG/RRC) 4.07, 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario we... • http://www.ibm.com/support/docview.wss?uid=swg22010321 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 14EXPL: 0CVE-2017-1338
https://notcve.org/view.php?id=CVE-2017-1338
18 Aug 2017 — IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126246. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuari... • http://www.ibm.com/support/docview.wss?uid=swg22004138 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 0CVE-2017-1247
https://notcve.org/view.php?id=CVE-2017-1247
12 Jun 2017 — IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124627. IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0 y 6.0 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código Javascript aleatorio en la interfaz Web, lo que alter... • http://www.ibm.com/support/docview.wss?uid=swg22002809 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •