Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-10-03 CVE-2017-1364 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-10-03 CVE-2017-1359 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-10-03 CVE-2017-1335 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-10-03 CVE-2017-1334 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-10-03 CVE-2017-1324 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-08-10 CVE-2017-1168 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM Rational Engineering Lifecycle Manager 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9700 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces.
network
low complexity
ibm CWE-200
4.3
2017-06-22 CVE-2016-9747 Cross-site Scripting vulnerability in IBM products
IBM RELM 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-06-13 CVE-2017-1099 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions.
network
low complexity
ibm CWE-200
4.3
2017-06-13 CVE-2016-9973 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4