Vulnerabilities > IBM > Rational Clearquest
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-17 | CVE-2024-28796 | Cross-site Scripting vulnerability in IBM Rational Clearquest IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting. | 5.4 |
| 2018-08-13 | CVE-2016-2922 | Improper Certificate Validation vulnerability in IBM Rational Clearquest IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. | 5.9 |
| 2018-04-20 | CVE-2014-0950 | XXE vulnerability in IBM Rational Clearquest Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. | 7.1 |
| 2016-01-02 | CVE-2015-4996 | Information Exposure vulnerability in IBM Rational Clearquest IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors. | 5.1 |