Vulnerabilities > IBM > Rational Engineering Lifecycle Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-06-27 CVE-2018-1826 Cross-site Scripting vulnerability in IBM products
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-06-27 CVE-2018-1760 Cross-site Scripting vulnerability in IBM products
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-06-27 CVE-2018-1758 Cross-site Scripting vulnerability in IBM products
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-06-27 CVE-2018-1734 Information Exposure vulnerability in IBM products
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 discloses sensitive information in error messages that may be used by a malicious user to orchestrate further attacks.
network
low complexity
ibm CWE-200
4.3
2019-03-14 CVE-2018-1952 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-03-14 CVE-2018-1929 Information Exposure vulnerability in IBM Rational Engineering Lifecycle Manager
IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 could allow a malicious user to be allowed to view any view if he knows the URL link of a the view, and access information that should not be able to see.
network
low complexity
ibm CWE-200
4.3
2019-03-14 CVE-2018-1916 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-03-14 CVE-2018-1914 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-03-14 CVE-2018-1910 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-03-14 CVE-2018-1688 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4