EUVD-2020-26102

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM Jazz Foundation products are vulnerable to cross-site scripting allowing arbitrary JavaScript execution.

Reporter	Title	Published	Views	Family All 8
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.	26 Jan 202119:54	–	ibm
Circl	CVE-2020-4855	27 Jan 202120:37	–	circl
CNNVD	IBM Jazz Foundation 跨站脚本漏洞	27 Jan 202100:00	–	cnnvd
CNVD	IBM Jazz Foundation Cross-Site Scripting Vulnerability (CNVD-2021-09038)	3 Feb 202100:00	–	cnvd
CVE	CVE-2020-4855	27 Jan 202116:15	–	cve
Cvelist	CVE-2020-4855	27 Jan 202116:15	–	cvelist
NVD	CVE-2020-4855	27 Jan 202117:15	–	nvd
Prion	Cross site scripting	27 Jan 202117:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "6182078b-d7eb-3b10-b015-f7f828796b59",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "01ba1f8e-fe74-39fd-a16b-d6445fc8fa7e",
        "product": {
          "name": "Rational Rhapsody Design Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "034b84ea-ed18-3f8b-b7e2-fb637aff46e0",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "178238e4-1fd9-3aed-8e1d-45617b870280",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "19503593-971b-3896-a6b1-3697ad42a20f",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "19c830d4-8948-3d18-a245-d5a6be8767b9",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "3b4c6f31-eb25-3590-86f9-3dcf26e6f2e5",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "3b63c71d-fc50-3216-a273-feadba09f01a",
        "product": {
          "name": "Engineering Lifecycle Optimization"
        },
        "product_version": "7.0"
      },
      {
        "id": "41d4c303-e53d-31ea-84ea-3352f9076346",
        "product": {
          "name": "Rational Engineering Lifecycle Manager"
        },
        "product_version": "7.0"
      },
      {
        "id": "4d3a841c-f753-371e-9b04-6b17e4bfdced",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "579dea37-8c43-39fc-938e-2124a79b6928",
        "product": {
          "name": "Rational Rhapsody Design Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "5eed750a-3a1e-36c3-9a63-c54486d1d7a3",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "6bcf5fbe-d58b-3287-9f51-53a30be99e0c",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "7.0"
      },
      {
        "id": "82a2af68-1c44-3e7a-ae0f-84faad950696",
        "product": {
          "name": "Engineering Test Management"
        },
        "product_version": "7.0.0"
      },
      {
        "id": "89b72f29-0f5a-30b1-84da-6f41f2ad0cf6",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "90f2e386-e6c2-3758-bcec-595b6fe4fc1e",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "7.0"
      },
      {
        "id": "9427e892-e009-3b65-a3b9-4f94131f52ae",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "abaa3b82-5d99-321c-b84b-8597c21b8a6d",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "b5d11280-4c7f-310e-a20d-0fd3add8c862",
        "product": {
          "name": "Rational Rhapsody Design Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "b72173ee-3851-3e35-802f-dca2a9cb78cc",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "b769ea97-f264-3430-a484-5a4a95cb955e",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "b92d466c-92b5-3aa9-ab56-9c233429a09e",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "bae3ec8f-2a2f-3574-a083-e8e974668a20",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "cf92097b-f201-352a-82d3-b6c19604fd22",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "d0fb7579-7547-36e8-80e5-13d7d8e1ada6",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0.2"
      },
      {
        "id": "e31cf3f7-0598-3843-b25c-8429bee83d74",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6408694
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/190457
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 35.4

CVSS 23.5

CVSS 3.15.4

EPSS0.00158