Security Bulletin: Vulnerability in Rational Team Concert with potential for Cross-Site Scripting attack (CVE-2016-0331)

Summary IBM Team Concert RTC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. Vulnerability Details CVEID: CVE-2016-0331 DESCRIPTION: IBM Team Concert RTC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

CVE-2016-0331

This CVE affects IBM Rational Team Concert (RTC) and Rational Collaborative Lifecycle Management (CLM) versions 6.0.1–6.0.2 prior to 6.0.2 iFix2. The vulnerability is a cross-site scripting (XSS) flaw caused by improper validation of user-supplied input, allowing remote authenticated users to inj...