Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > 5.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-14	CVE-2018-1952	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2019-03-14	CVE-2018-1929	Information Exposure vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could allow a malicious user to be allowed to view any view if he knows the URL link of a the view, and access information that should not be able to see. network low complexity ibm CWE-200	4.0
2019-03-14	CVE-2018-1916	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2019-03-14	CVE-2018-1914	Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2019-03-14	CVE-2018-1910	Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2019-03-14	CVE-2018-1688	Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2018-11-02	CVE-2018-1846	XXE vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm CWE-611	5.5
2018-10-02	CVE-2018-1558	Cross-site Scripting vulnerability in IBM products IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. network ibm CWE-79	3.5
2018-09-25	CVE-2018-1659	Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. network ibm CWE-79	3.5
2018-09-25	CVE-2018-1607	XXE vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm CWE-611	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.