Ibm

Rational Rhapsody Design Manager

90 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-29844

  • EPSS 0.13%
  • Published 27.10.2021 16:15:07
  • Last modified 21.11.2024 06:01:54

IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

5.4

CVE-2020-4733

  • EPSS 0.18%
  • Published 08.01.2021 21:15:12
  • Last modified 21.11.2024 05:33:11

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...

5.4

CVE-2020-4697

  • EPSS 0.24%
  • Published 08.01.2021 21:15:12
  • Last modified 21.11.2024 05:33:08

IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...

5.4

CVE-2020-4691

  • EPSS 0.24%
  • Published 08.01.2021 21:15:12
  • Last modified 21.11.2024 05:33:07

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...

4.3

CVE-2020-4544

  • EPSS 0.11%
  • Published 08.01.2021 21:15:12
  • Last modified 21.11.2024 05:32:52

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 18318...

4.3

CVE-2020-4487

  • EPSS 0.11%
  • Published 08.01.2021 21:15:12
  • Last modified 21.11.2024 05:32:48

IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 18186...

5.4

CVE-2020-4525

  • EPSS 0.24%
  • Published 04.08.2020 16:15:12
  • Last modified 21.11.2024 05:32:50

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

4.3

CVE-2020-4410

  • EPSS 0.1%
  • Published 04.08.2020 16:15:12
  • Last modified 21.11.2024 05:32:42

IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. IBM X-Force ID: 179539.

5.4

CVE-2019-4249

  • EPSS 0.21%
  • Published 27.06.2019 14:15:10
  • Last modified 21.11.2024 04:43:22

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading t...

5.4

CVE-2018-1760

  • EPSS 0.21%
  • Published 27.06.2019 14:15:10
  • Last modified 21.11.2024 04:00:19

IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading t...