Vulnerabilities > IBM > Rational Team Concert > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-10-01 | CVE-2012-0748 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Rational Team Concert 4.0 Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 4.0.0.1 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items. | 6.8 |
2011-06-30 | CVE-2011-2607 | Cross-Site Scripting vulnerability in IBM Rational Team Concert 3.0 Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165513. | 4.3 |
2011-06-30 | CVE-2011-2606 | Cross-Site Scripting vulnerability in IBM Rational Team Concert 3.0 Cross-site scripting (XSS) vulnerability in the Web UI in IBM Rational Team Concert (RTC) 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165511. | 4.3 |