) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:rational_doors_next_generation:6.0.2
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-29774 |
IBM Jazz Team Server products could allow an authenticated user to obtain elevated privileges under certain configurations. IBM X-Force ID: 203025. Published: October 27, 2021; 12:15:07 PM -0400 |
V3.1: 7.5 HIGH V2.0: 6.0 MEDIUM |
| CVE-2021-29713 |
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Published: October 27, 2021; 12:15:07 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2021-20351 |
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194708. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2021-20350 |
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194707. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2021-20340 |
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194451. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4975 |
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192435. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4866 |
IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190742. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4863 |
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4857 |
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190460. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4856 |
IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190459. Published: March 04, 2021; 2:15:13 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4733 |
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127. Published: January 08, 2021; 4:15:12 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4697 |
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790. Published: January 08, 2021; 4:15:12 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4691 |
IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698. Published: January 08, 2021; 4:15:12 PM -0500 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4544 |
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189. Published: January 08, 2021; 4:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2020-4487 |
IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862. Published: January 08, 2021; 4:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
| CVE-2020-4546 |
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314. Published: September 02, 2020; 3:15:18 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4522 |
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397. Published: September 02, 2020; 3:15:18 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4445 |
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122. Published: September 02, 2020; 3:15:18 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2019-4748 |
IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174. Published: July 16, 2020; 11:15:27 AM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
| CVE-2020-4297 |
IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176474. Published: June 19, 2020; 12:15:11 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |