Vulnerabilities > IBM > Rational Team Concert > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-03-13 | CVE-2015-0122 | Cross-site Scripting vulnerability in IBM Rational Team Concert Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0123. | 3.5 |
2015-03-13 | CVE-2015-0123 | Cross-site Scripting vulnerability in IBM Rational Team Concert Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0122. | 3.5 |
2014-07-29 | CVE-2014-3050 | Information Exposure vulnerability in IBM Rational Team Concert IBM Rational Team Concert (RTC) 3.x before 3.0.1.6 IF3 and 4.x before 4.0.7 does not properly integrate with build engines, which allows remote authenticated users to discover credentials via unspecified vectors. | 3.5 |
2013-12-10 | CVE-2013-5404 | Cross-Site Scripting vulnerability in IBM products Cross-site scripting (XSS) vulnerability in the search implementation in IBM Rational Quality Manager (RQM) 2.0 through 2.0.1.1, 3.x before 3.0.1.6 iFix 1, and 4.x before 4.0.5, as used in Rational Team Concert, Rational Requirements Composer, and other products, allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IFRAME element. | 3.5 |
2011-02-14 | CVE-2011-1029 | Cross-Site Scripting vulnerability in IBM Rational Team Concert 2.0.0.1/2.0.0.2 Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 2.0.0.x allows remote authenticated users to inject arbitrary web script or HTML via the name of a shared report. | 3.5 |