NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:ibm:rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*
CPE Name Search: true

There are 9 matching records.

Displaying matches 1 through 9.

Vuln ID	Summary	CVSS Severity
CVE-2021-20357	IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963. Published: January 27, 2021; 12:15:14 PM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-4865	IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741. Published: January 27, 2021; 12:15:13 PM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-4855	IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457. Published: January 27, 2021; 12:15:12 PM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-4547	IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315. Published: January 27, 2021; 12:15:11 PM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2020-4524	IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434. Published: January 27, 2021; 12:15:11 PM -0500	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2019-4748	IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174. Published: July 16, 2020; 11:15:27 AM -0400	V4.0:(not available) V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2017-1287	IBM Rhapsody DM 5.0 and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. Published: July 24, 2017; 5:29:00 PM -0400	V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 4.9 MEDIUM
CVE-2017-1249	IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: July 24, 2017; 5:29:00 PM -0400	V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2016-8975	IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118912. Published: July 24, 2017; 5:29:00 PM -0400	V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW