Vulnerabilities > IBM > Rhapsody Design Manager

DATE CVE VULNERABILITY TITLE RISK
2021-01-27 CVE-2021-20357 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-01-27 CVE-2020-4865 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-01-27 CVE-2020-4855 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2021-01-27 CVE-2020-4547 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM products
IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim.
network
ibm CWE-1021
3.5
2021-01-27 CVE-2020-4524 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation products are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2020-07-16 CVE-2019-4748 Cross-site Scripting vulnerability in IBM products
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting.
3.5
2017-07-24 CVE-2017-1287 Open Redirect vulnerability in IBM Rhapsody Design Manager
IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm CWE-601
4.9
2017-07-24 CVE-2017-1249 Cross-site Scripting vulnerability in IBM Rhapsody Design Manager
IBM Rhapsody DM 5.0 and 6.0 are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2017-07-24 CVE-2016-8975 Cross-site Scripting vulnerability in IBM Rhapsody Design Manager
IBM Rhapsody DM 5.0 and 6.0 are vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2015-06-07 CVE-2015-0112 XML External Entity Injection vulnerability in Multiple IBM Products
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1, 3.0 through 3.0.1.6, 4.0 through 4.0.7, and 5.0 through 5.0.2; Rational Team Concert (RTC) 2.0 through 2.0.0.2, 3.x before 3.0.1.6 IF6, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Requirements Composer (RRC) 2.0 through 2.0.0.4, 3.x before 3.0.1.6 IF6, and 4.0 through 4.0.7; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF5 and 5.x before 5.0.2 IF4; Rational Engineering Lifecycle Manager (RELM) 1.0 through 1.0.0.1, 4.0.3 through 4.0.7, and 5.0 through 5.0.2; Rational Rhapsody Design Manager (DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2; and Rational Software Architect Design Manager (RSA DM) 3.0 through 3.0.1, 4.0 through 4.0.7, and 5.0 through 5.0.2 allows remote authenticated users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
network
low complexity
ibm
4.0