Security Bulletin: Cross-site scripting vulnerability affects multiple IBM Rational products based on IBM Jazz technology (CVE-2016-2926)

Summary Cross-site scripting vulnerability in the IBM Jazz Foundation affects the following IBM Jazz based Applications: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQ...

CVE-2016-2926

CVE-2016-2926 is an XSS vulnerability affecting IBM Jazz-based CLM suite (Rational CLM, RQM, RTC, RDNG, RELM, Rhapsody DM, RSA DM) and related products. The issue arises from improper validation of input, allowing remote authenticated users to inject arbitrary script via crafted URLs. Impact incl...