Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5; Rational Quality Manager 3.0.1.6 before iFix8, 4.0 prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5; Rational Team Concert 3.0.1.6 before iFix8, 4.0 prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5; Rational DOORS Next Generation 4.0 prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5; Rational Engineering Lifecycle Manager 4.x prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5; Rational Rhapsody Design Manager 4.0 prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5; and Rational Software Architect Design Manager 4.0 prior to 4.0.7 iFix11, 5.0 prior to 5.0.2 iFix18, and 6.0 prior to 6.0.2 iFix5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm rational team concert 4.0.3 |
||
ibm rational team concert 4.0.4 |
||
ibm rational team concert 6.0.0 |
||
ibm rational team concert 6.0.1 |
||
ibm rational team concert 4.0.0 |
||
ibm rational team concert 4.0.1 |
||
ibm rational team concert 4.0.2 |
||
ibm rational team concert 5.0.1 |
||
ibm rational team concert 5.0.2 |
||
ibm rational team concert 3.0.1.6 |
||
ibm rational team concert 4.0.7 |
||
ibm rational team concert 5.0.0 |
||
ibm rational team concert 4.0.5 |
||
ibm rational team concert 4.0.6 |
||
ibm rational team concert 6.0.2 |