Rational_collaborative_lifecycle_management - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Rational_collaborative_lifecycle_management
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	141

Date	Id	Summary	Products	Score	Patch	Annotated
2020-09-02	CVE-2020-4445	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122.	Doors_next, Engineering_requirements_management_doors_next, Engineering_test_management, Engineering_workflow_management, Eni, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	5.4
2020-09-02	CVE-2020-4522	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397.	Doors_next, Engineering_requirements_management_doors_next, Engineering_test_management, Engineering_workflow_management, Eni, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	5.4
2020-09-02	CVE-2020-4546	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.	Doors_next, Engineering_requirements_management_doors_next, Engineering_test_management, Engineering_workflow_management, Eni, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	5.4
2021-07-19	CVE-2020-5031	IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 193738.	Engineering_lifecycle_optimization, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_team_concert	5.4
2021-07-19	CVE-2021-20507	IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198235.	Engineering_lifecycle_optimization, Engineering_requirements_quality_assistant_on\-Premises, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_team_concert	5.4
2021-07-28	CVE-2020-4974	IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 192434.	Engineering_lifecycle_optimization_\-_engineering_insights, Engineering_requirements_quality_assistant_on\-Premises, Engineering_test_management, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	6.3
2021-07-28	CVE-2020-5004	IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192957.	Engineering_lifecycle_optimization_\-_engineering_insights, Engineering_requirements_quality_assistant_on\-Premises, Engineering_test_management, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_quality_manager, Rational_team_concert	5.4
2021-10-27	CVE-2021-29673	IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482.	Engineering_lifecycle_optimization, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_team_concert	5.4
2021-10-27	CVE-2021-29713	IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.	Engineering_lifecycle_optimization, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_team_concert	5.4
2021-10-27	CVE-2021-29774	IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025.	Engineering_lifecycle_optimization, Engineering_workflow_management, Rational_collaborative_lifecycle_management, Rational_doors_next_generation, Rational_engineering_lifecycle_manager, Rational_team_concert	7.5