Vulnerabilities > IBM > Rational Doors Next Generation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-20 | CVE-2017-1753 | Code Injection vulnerability in IBM products Multiple IBM Rational products are vulnerable to HTML injection. | 5.4 |
| 2018-08-06 | CVE-2018-1422 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. | 5.4 |
| 2018-07-19 | CVE-2018-1529 | Cross-site Scripting vulnerability in IBM products IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. | 5.4 |
| 2018-07-10 | CVE-2018-1492 | Session Fixation vulnerability in IBM products IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server's failure to properly log out from the previous session. | 6.8 |
| 2018-07-10 | CVE-2018-1423 | Information Exposure vulnerability in IBM products IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. | 6.5 |
| 2018-07-06 | CVE-2018-1494 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. | 5.4 |
| 2018-07-06 | CVE-2017-1559 | Information Exposure vulnerability in IBM products Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. | 4.3 |
| 2018-07-06 | CVE-2017-1509 | Information Exposure vulnerability in IBM products IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. | 4.3 |
| 2018-07-06 | CVE-2017-1488 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. | 5.3 |
| 2018-07-06 | CVE-2017-1237 | Cross-site Scripting vulnerability in IBM products IBM Jazz based applications are vulnerable to cross-site scripting. | 5.4 |