Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > 6.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-25 | CVE-2018-1560 | Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-09-25 | CVE-2018-1539 | Improper Authentication vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 could allow remote attackers to bypass authentication via a direct request or forced browsing to a page other than URL intended. | 6.5 |