Lucene search

K
IbmRational Quality Manager

202 matches found

CVE
CVE
added 2018/10/02 3:29 p.m.36 views

CVE-2018-1440

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.36 views

CVE-2018-1549

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attack...

5.4CVSS5.3AI score0.00109EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.36 views

CVE-2019-4602

IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS5.2AI score0.00111EPSS
CVE
CVE
added 2015/03/18 10:59 a.m.35 views

CVE-2014-6131

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x bef...

4CVSS6.2AI score0.00158EPSS
CVE
CVE
added 2015/03/18 10:59 a.m.35 views

CVE-2015-0128

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0124.

3.5CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2015/07/20 1:59 a.m.35 views

CVE-2015-0130

Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x befor...

3.5CVSS5.2AI score0.00166EPSS
CVE
CVE
added 2018/03/20 9:29 p.m.35 views

CVE-2015-7449

IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Ration...

3.3CVSS3.5AI score0.00018EPSS
CVE
CVE
added 2018/07/06 2:29 p.m.35 views

CVE-2017-1248

IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628.

6.1CVSS6.2AI score0.00177EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.35 views

CVE-2018-1605

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.35 views

CVE-2018-1691

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.35 views

CVE-2018-1759

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2019/03/14 11:0 p.m.35 views

CVE-2018-1916

IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...

5.4CVSS5.1AI score0.00229EPSS
CVE
CVE
added 2020/09/02 7:15 p.m.35 views

CVE-2020-4546

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.

5.4CVSS5.2AI score0.00236EPSS
CVE
CVE
added 2021/01/27 5:15 p.m.35 views

CVE-2020-4547

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victi...

5.4CVSS5.3AI score0.00089EPSS
CVE
CVE
added 2021/03/04 7:15 p.m.35 views

CVE-2020-4975

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435.

5.4CVSS5.5AI score0.0025EPSS
CVE
CVE
added 2015/03/18 10:59 a.m.34 views

CVE-2014-6129

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x bef...

5.5CVSS6.3AI score0.00348EPSS
CVE
CVE
added 2015/03/18 10:59 a.m.34 views

CVE-2015-0124

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix4, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0128.

3.5CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.34 views

CVE-2018-1395

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.34 views

CVE-2018-1396

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.0018EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.34 views

CVE-2018-1823

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2020/04/08 2:15 p.m.34 views

CVE-2019-4601

IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to obtain sensitive information from a stack trace that could aid in further attacks against the system.

4.3CVSS4.4AI score0.00119EPSS
CVE
CVE
added 2015/06/07 6:59 p.m.33 views

CVE-2015-0112

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 throug...

4CVSS6.3AI score0.00206EPSS
CVE
CVE
added 2016/11/25 8:59 p.m.33 views

CVE-2016-2926

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 ...

5.4CVSS4.9AI score0.00541EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.33 views

CVE-2017-1250

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.5AI score0.00182EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.33 views

CVE-2017-1315

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00175EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.33 views

CVE-2017-1729

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.33 views

CVE-2018-1405

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/10/04 3:0 p.m.33 views

CVE-2018-1604

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.2AI score0.00158EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.33 views

CVE-2018-1763

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.33 views

CVE-2018-1829

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2021/01/27 5:15 p.m.33 views

CVE-2020-4524

IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434.

5.4CVSS5.2AI score0.00158EPSS
CVE
CVE
added 2014/12/19 2:59 a.m.32 views

CVE-2014-4801

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00166EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.32 views

CVE-2016-9700

IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. IBM X-Force ID: 119528.

4.3CVSS4.1AI score0.00177EPSS
CVE
CVE
added 2018/07/03 7:29 p.m.32 views

CVE-2017-1317

IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lead...

5.4CVSS5.4AI score0.00175EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.32 views

CVE-2018-1601

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/10/04 3:0 p.m.32 views

CVE-2018-1603

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.2AI score0.00158EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.32 views

CVE-2018-1764

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.32 views

CVE-2018-1825

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.31 views

CVE-2017-1792

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.31 views

CVE-2018-1403

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.31 views

CVE-2018-1557

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2017/03/31 6:59 p.m.30 views

CVE-2016-6022

IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000...

5.4CVSS5.7AI score0.00227EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.30 views

CVE-2017-1793

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.30 views

CVE-2018-1439

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2019/03/14 10:29 p.m.30 views

CVE-2018-1824

IBM Rational Quality Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 150...

5.4CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2017/05/10 2:29 p.m.29 views

CVE-2016-6035

IBM Rational Quality Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116896.

5.4CVSS5.5AI score0.00258EPSS
CVE
CVE
added 2017/05/15 9:29 p.m.29 views

CVE-2016-9735

IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 119781,

4.3CVSS4.1AI score0.00204EPSS
CVE
CVE
added 2018/10/02 3:29 p.m.29 views

CVE-2018-1522

IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...

5.4CVSS5.4AI score0.00158EPSS
CVE
CVE
added 2018/07/10 4:29 p.m.28 views

CVE-2018-1523

IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

5.4CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2015/03/13 1:59 a.m.27 views

CVE-2015-0129

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00166EPSS
Total number of security vulnerabilities202