2 matches found
Security Bulletin: Security vulnerabilities affect IBM® Rational® Team Concert
Summary IBM Team Concert RTC is vulnerable to multiple cross-site scripting vulnerabilities. Vulnerability Details CVEID: CVE-2018-1408 DESCRIPTION: IBM Team Concert RTC is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...
CVE-2018-1521
CVE-2018-1521 affects IBM Rational Team Concert and Rational CLM components: cross-site scripting in the Web UI exists in RTC/RCLM versions 5.0–5.0.2 and 6.0–6.0.5. Root cause is improper input handling allowing embedded JavaScript, potentially leading to credentials disclosure within a trusted s...