Ibm

Rational Team Concert

142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2016-9701

  • EPSS 0.27%
  • Published 05.07.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...

5.4

CVE-2016-9733

  • EPSS 0.27%
  • Published 05.07.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

5.4

CVE-2016-9746

  • EPSS 0.27%
  • Published 05.07.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

5.4

CVE-2017-1113

  • EPSS 0.27%
  • Published 05.07.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl...

5.4

CVE-2016-9973

  • EPSS 0.26%
  • Published 13.06.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

4.3

CVE-2017-1099

  • EPSS 35.51%
  • Published 13.06.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. IBM X-Force ID: 120659.

4.3

CVE-2016-9735

  • EPSS 0.2%
  • Published 15.05.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

5.4

CVE-2016-6035

  • EPSS 0.26%
  • Published 10.05.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

4.8

CVE-2016-6037

  • EPSS 0.15%
  • Published 10.05.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web b...

8.1

CVE-2017-1103

  • EPSS 0.38%
  • Published 10.05.2017 14:29:00
  • Last modified 20.04.2025 01:37:25

IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all ava...