漏洞标题
N/A
漏洞描述信息
在IBM Rational Collaborative Lifecycle Management 4.0 之前(4.0.7 iFix11, 5.0 之前(5.0.2 iFix19, 6.0 之前(6.0.2 iFix3))的 IBM Rational 质量管理(4.0) 、 IBM Rational 团队 concert(4.0) 、 IBM Rational DOORS Next Generation(4.0) 、 IBM Rational 工程生命周期管理器 4.x(4.0.7 iFix11) 、 IBM Rational 音乐设计师(4.0) 、 IBM Rational Rhapsody Design Manager(4.0) 、 IBM Rational Software Architect Design Manager(4.0) 、 以及 IBM Rational 软件架构设计师设计管理器(4.0) 之前(4.0.7 iFix11), 5.0 之前(5.0.2 iFix19), 6.0 之前(6.0.2 iFix3) 。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Quality Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Team Concert 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational DOORS Next Generation 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Engineering Lifecycle Manager 4.x before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; Rational Rhapsody Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3; and Rational Software Architect Design Manager 4.0 before 4.0.7 iFix11, 5.0 before 5.0.2 iFix19, and 6.0 before 6.0.2 iFix3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
多款IBM Rational产品跨站脚本漏洞
漏洞描述信息
IBM Rational Collaborative Lifecycle Management(CLM)等都是美国IBM公司的产品。IBM Rational CLM、Rational Team Concert(RTC)和Rational Engineering Lifecycle Manager都是协作化生命周期管理解决方案;Rational Quality Manager(RQM)是一套协作的、基于Web的质量管理解决方案;Rational Requirements Composer和Rational
CVSS信息
N/A
漏洞类别
跨站脚本