Vulnerabilities > IBM > Rational Team Concert > 4.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-27 | CVE-2017-1191 | Unspecified vulnerability in IBM products An undisclosed vulnerability in CLM applications (including IBM Rational Collaborative Lifecycle Management 4.0, 5.0, and 6.0) with potential for failure to restrict URL Access. | 4.0 |
| 2017-07-05 | CVE-2016-9700 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces. | 4.0 |
| 2017-07-05 | CVE-2017-1113 | Cross-site Scripting vulnerability in IBM Rational Team Concert IBM Rational Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-07-05 | CVE-2016-9746 | Cross-site Scripting vulnerability in IBM products IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-07-05 | CVE-2016-9733 | Cross-site Scripting vulnerability in IBM products IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-07-05 | CVE-2016-9701 | Cross-site Scripting vulnerability in IBM products IBM Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-05-10 | CVE-2017-1103 | XXE vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 7.5 |
| 2017-05-10 | CVE-2016-6037 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Team Concert (RTC) is vulnerable to HTML injection. | 3.5 |
| 2017-05-10 | CVE-2016-6035 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Quality Manager is vulnerable to cross-site scripting. | 3.5 |
| 2017-02-01 | CVE-2016-2987 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. | 4.0 |