IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198441.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NIBM Collaborative Lifecycle Management
APPIbm6.0.26.0.66.0.6.1IBM Doors Next
APPIbm7.0.07.0.17.0.2IBM Engineering Insights
APPIbm7.0.07.0.17.0.2IBM Engineering Lifecycle Management
APPIbm7.0.07.0.17.0.2IBM Engineering Requirements Management Doors Next
APPIbm6.0.26.0.66.0.6.1IBM Engineering Test Management
APPIbm7.0.07.0.17.0.2IBM Engineering Workflow Management
APPIbm7.0.07.0.17.0.2IBM Rational Engineering Lifecycle Manager
APPIbm6.0.26.0.66.0.6.1IBM Rational Quality Manager
APPIbm6.0.26.0.66.0.6.1IBM Rational Team Concert
APPIbm6.0.26.0.66.0.6.1IBM Removable Media Management
APPIbm6.0.26.0.66.0.6.17.0.07.0.1IBM Rhapsody Model Manager
APPIbm6.0.26.0.66.0.6.1
Related vulnerabilities
IBM Engineering Lifecycle Management — nieautoryzowany zapis plików konfiguracyjnych serwera
RCE poprzez race condition w IBM DOORS Next — CVE-2024-41787
IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 th...
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privi...
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to down...