EUVD-2020-26112

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM Jazz Foundation products have a cross-site scripting vulnerability allowing JavaScript code injection.

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.	26 Jan 202119:54	–	ibm
Circl	CVE-2020-4865	27 Jan 202120:37	–	circl
CNNVD	IBM Jazz Foundation products 跨站脚本漏洞	27 Jan 202100:00	–	cnnvd
CNVD	IBM Engineering Workflow Management WEBUI Cross-Site Scripting Vulnerability	1 Feb 202100:00	–	cnvd
CVE	CVE-2020-4865	27 Jan 202116:15	–	cve
Cvelist	CVE-2020-4865	27 Jan 202116:15	–	cvelist
NVD	CVE-2020-4865	27 Jan 202117:15	–	nvd
OSV	CVE-2020-4865	27 Jan 202117:15	–	osv
Prion	Cross site scripting	27 Jan 202117:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "79dbeb38-82e6-36ef-9ecf-702d313d8188",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0bbf91cf-0c93-39f4-99b2-14d5bfff769e",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "1ac93c15-2e9e-3192-977e-f75bc935778e",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0"
      },
      {
        "id": "2108d667-0f4b-3442-ac09-9b806444e554",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "2202ff24-a00c-3509-ad74-1444d98a6343",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "364e7220-e09c-349b-b058-1d6862571ff5",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "4492be98-18d6-3f97-b5d7-4184908abeec",
        "product": {
          "name": "Engineering Lifecycle Optimization"
        },
        "product_version": "7.0"
      },
      {
        "id": "47bd6fbe-83b2-3fb7-852a-ccb1a0ca4c3c",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "7.0"
      },
      {
        "id": "63bfcd18-3130-3f5c-9f19-b72f3581ee7c",
        "product": {
          "name": "Rational Collaborative Lifecycle Management"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "718fd2fc-5168-344a-b396-9402370be9bb",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "751b7d16-77ee-3b66-89fb-c3e134116e9e",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "7fdf8c41-9ac4-30e3-b38b-3d165e033e9d",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "88c08645-740c-3ab2-9fca-718ba7801d1b",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "8db8f0e5-dadf-37d1-b29b-cc0a1642578a",
        "product": {
          "name": "Rational Engineering Lifecycle Manager"
        },
        "product_version": "7.0"
      },
      {
        "id": "8f055976-09a4-391d-892f-58aa9ca6b8cf",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "9368f52b-d597-391a-bf6a-d7174132ad2b",
        "product": {
          "name": "Rational Team Concert"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "b27964bc-46b5-3cfd-8086-99b533472002",
        "product": {
          "name": "Rational DOORS Next Generation"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "b4c40119-85ac-375e-a81b-b92a3accbe17",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "7.0"
      },
      {
        "id": "bf388889-06f2-335b-91fa-6acfb7b15db1",
        "product": {
          "name": "Rational Rhapsody Design Manager"
        },
        "product_version": "6.0.6.1"
      },
      {
        "id": "c0e06a85-9d32-33f9-9b38-6081b06fa250",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "c48461c6-2ba1-381e-85a2-c95f1dbcfadb",
        "product": {
          "name": "Engineering Test Management"
        },
        "product_version": "7.0.0"
      },
      {
        "id": "c7661295-1a08-357c-9a35-c6bd702be20b",
        "product": {
          "name": "Rational Rhapsody Model Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "cbb03e13-98f0-3201-b9c3-57d6dba90cf3",
        "product": {
          "name": "Engineering Workflow Management"
        },
        "product_version": "7.0.2"
      },
      {
        "id": "e755d0d9-9046-3e32-b95f-368b6668fc2c",
        "product": {
          "name": "Rational Rhapsody Design Manager"
        },
        "product_version": "6.0.2"
      },
      {
        "id": "f139efab-c855-321b-9ef6-b0a4a80f73be",
        "product": {
          "name": "Rational Quality Manager"
        },
        "product_version": "6.0.6"
      },
      {
        "id": "f368d59a-4c71-3dd2-bba5-c23fbde35a7d",
        "product": {
          "name": "Rational Rhapsody Design Manager"
        },
        "product_version": "6.0.6"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6408694
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/190741
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 35.4

CVSS 23.5

CVSS 3.15.4

EPSS0.00665