Vulnerabilities > IBM > Rational Rhapsody Design Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-01-08 CVE-2020-4733 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-01-08 CVE-2020-4697 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-01-08 CVE-2020-4691 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation Products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-01-08 CVE-2020-4544 Information Exposure Through an Error Message vulnerability in IBM products
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
2021-01-08 CVE-2020-4487 Information Exposure Through an Error Message vulnerability in IBM products
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
2020-08-04 CVE-2020-4525 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-08-04 CVE-2020-4410 Unspecified vulnerability in IBM products
IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to.
network
low complexity
ibm
4.3
2019-06-27 CVE-2019-4250 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-06-27 CVE-2019-4249 Cross-site Scripting vulnerability in IBM products
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-06-27 CVE-2019-4084 Unspecified vulnerability in IBM products
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) could allow an authenticated user to obtain sensitive information from CLM Applications that could be used in further attacks against the system.
network
low complexity
ibm
4.3