Vulnerabilities > IBM > Rational Quality Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-13 | CVE-2017-1099 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions. | 4.3 |
| 2017-06-13 | CVE-2016-9973 | Cross-site Scripting vulnerability in IBM products IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-15 | CVE-2016-9735 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. | 4.3 |
| 2017-05-10 | CVE-2016-6037 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Team Concert (RTC) is vulnerable to HTML injection. | 4.8 |
| 2017-05-10 | CVE-2016-6035 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Quality Manager is vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2016-6036 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2016-6031 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Rational Quality Manager 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-03-31 | CVE-2016-6022 | Cross-site Scripting vulnerability in IBM Rational Quality Manager IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-2987 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | 4.3 |
| 2016-11-30 | CVE-2016-3014 | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Quality Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Team Concert 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational DOORS Next Generation 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17, and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11 and 5.0 before 5.0.2 iFix17 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |