Vulnerabilities > IBM > Rational Software Architect
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-27 | CVE-2015-7439 | Cross-site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect (IDA), as distributed in IBM Rational Software Architect 8.5 through 9.5, Rational Software Architect for WebSphere Software (RSA4WS) 8.5 through 9.5, and Rational Software Architect RealTime (RSART) 8.5 through 9.5, allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | 4.3 |
| 2009-11-23 | CVE-2009-4052 | Cross-Site Scripting vulnerability in IBM products Multiple cross-site scripting (XSS) vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) the JSF Tree Control and (2) the JavaScript Resource Servlet. | 4.3 |