cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-20357,https://securityvulnerability.io/vulnerability/CVE-2021-20357,,IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963.,IBM,"Rational Doors Next Generation,Rational Quality Manager,Rational Collaborative Lifecycle Management,Rational Team Concert,Engineering Test Management,Rational Rhapsody Design Manager,Engineering Lifecycle Optimization,Rational Rhapsody Model Manager,Engineering Workflow Management,Rational Engineering Lifecycle Manager",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-27T17:15:00.000Z,0
CVE-2020-4547,https://securityvulnerability.io/vulnerability/CVE-2020-4547,,"IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315.",IBM,"Engineering Workflow Management,Rational Engineering Lifecycle Manager,Rational Rhapsody Model Manager,Engineering Lifecycle Optimization,Engineering Test Management,Rational Rhapsody Design Manager,Rational Quality Manager,Rational Team Concert,Rational Collaborative Lifecycle Management,Rational Doors Next Generation",5.4,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2021-01-27T17:15:00.000Z,0
CVE-2020-4524,https://securityvulnerability.io/vulnerability/CVE-2020-4524,,IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434.,IBM,"Rational Collaborative Lifecycle Management,Rational Team Concert,Rational Quality Manager,Rational Doors Next Generation,Engineering Lifecycle Optimization,Rational Rhapsody Design Manager,Engineering Test Management,Rational Engineering Lifecycle Manager,Engineering Workflow Management,Rational Rhapsody Model Manager",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-27T17:15:00.000Z,0
CVE-2020-4855,https://securityvulnerability.io/vulnerability/CVE-2020-4855,,IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457.,IBM,"Rational Collaborative Lifecycle Management,Rational Team Concert,Rational Quality Manager,Rational Doors Next Generation,Engineering Lifecycle Optimization,Rational Rhapsody Design Manager,Engineering Test Management,Rational Engineering Lifecycle Manager,Engineering Workflow Management,Rational Rhapsody Model Manager",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-27T17:15:00.000Z,0
CVE-2020-4865,https://securityvulnerability.io/vulnerability/CVE-2020-4865,,IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.,IBM,"Engineering Lifecycle Optimization,Rational Rhapsody Design Manager,Engineering Test Management,Rational Collaborative Lifecycle Management,Rational Team Concert,Rational Quality Manager,Rational Doors Next Generation,Rational Engineering Lifecycle Manager,Engineering Workflow Management,Rational Rhapsody Model Manager",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-27T17:15:00.000Z,0
CVE-2020-4691,https://securityvulnerability.io/vulnerability/CVE-2020-4691,,IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698.,IBM,"Rational Rhapsody Design Manager,Rational Rhapsody Model Manager,Rational Team Concert,Engineering Lifecycle Optimization,Rational Doors Next Generation,Engineering Test Management,Rational Engineering Lifecycle Manager,Rational Quality Manager,Engineering Workflow Management,Rational Collaborative Lifecycle Management",4.6,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-08T21:15:00.000Z,0
CVE-2020-4697,https://securityvulnerability.io/vulnerability/CVE-2020-4697,,IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186790.,IBM,"Rational Team Concert,Rational Rhapsody Design Manager,Rational Rhapsody Model Manager,Rational Doors Next Generation,Engineering Lifecycle Optimization,Rational Quality Manager,Engineering Test Management,Rational Engineering Lifecycle Manager,Engineering Workflow Management,Rational Collaborative Lifecycle Management",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-08T21:15:00.000Z,0
CVE-2020-4544,https://securityvulnerability.io/vulnerability/CVE-2020-4544,,IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189.,IBM,"Engineering Workflow Management,Rational Collaborative Lifecycle Management,Rational Quality Manager,Engineering Test Management,Rational Engineering Lifecycle Manager,Rational Doors Next Generation,Engineering Lifecycle Optimization,Rational Team Concert,Rational Rhapsody Model Manager,Rational Rhapsody Design Manager",4.3,MEDIUM,0.0007600000244565308,false,false,false,false,,false,false,2021-01-08T21:15:00.000Z,0
CVE-2020-4733,https://securityvulnerability.io/vulnerability/CVE-2020-4733,,IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188127.,IBM,"Rational Collaborative Lifecycle Management,Engineering Workflow Management,Engineering Test Management,Rational Engineering Lifecycle Manager,Rational Quality Manager,Engineering Lifecycle Optimization,Rational Doors Next Generation,Rational Rhapsody Model Manager,Rational Rhapsody Design Manager,Rational Team Concert",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2021-01-08T21:15:00.000Z,0
CVE-2020-4487,https://securityvulnerability.io/vulnerability/CVE-2020-4487,,IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862.,IBM,"Engineering Lifecycle Optimization,Rational Doors Next Generation,Rational Rhapsody Model Manager,Rational Rhapsody Design Manager,Rational Team Concert,Engineering Workflow Management,Rational Collaborative Lifecycle Management,Engineering Test Management,Rational Engineering Lifecycle Manager,Rational Quality Manager",4.3,MEDIUM,0.0007600000244565308,false,false,false,false,,false,false,2021-01-08T21:15:00.000Z,0
CVE-2020-4445,https://securityvulnerability.io/vulnerability/CVE-2020-4445,,IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122.,IBM,"Rational Rhapsody Design Manager,Rational Quality Manager,Rational Team Concert,Rational Doors Next Generation,Engineering Workflow Management",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-09-02T19:15:00.000Z,0
CVE-2020-4522,https://securityvulnerability.io/vulnerability/CVE-2020-4522,,IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397.,IBM,"Rational Rhapsody Design Manager,Rational Quality Manager,Engineering Workflow Management,Rational Doors Next Generation,Rational Team Concert",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-09-02T19:15:00.000Z,0
CVE-2020-4546,https://securityvulnerability.io/vulnerability/CVE-2020-4546,,IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314.,IBM,"Engineering Workflow Management,Rational Team Concert,Rational Doors Next Generation,Rational Quality Manager,Rational Rhapsody Design Manager",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-09-02T19:15:00.000Z,0
CVE-2020-4525,https://securityvulnerability.io/vulnerability/CVE-2020-4525,,IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182435.,IBM,Rational Rhapsody Design Manager,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-08-04T16:15:00.000Z,0
CVE-2020-4410,https://securityvulnerability.io/vulnerability/CVE-2020-4410,,IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. IBM X-Force ID: 179539.,IBM,Rational Rhapsody Design Manager,4.3,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-08-04T16:15:00.000Z,0
CVE-2020-4542,https://securityvulnerability.io/vulnerability/CVE-2020-4542,,IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 183046.,IBM,Rational Rhapsody Design Manager,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-08-04T16:15:00.000Z,0
CVE-2020-4396,https://securityvulnerability.io/vulnerability/CVE-2020-4396,,IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179359.,IBM,Rational Rhapsody Design Manager,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-08-04T16:15:00.000Z,0
CVE-2019-4748,https://securityvulnerability.io/vulnerability/CVE-2019-4748,,IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174.,IBM,"Rational Doors Next Generation,Engineering Workflow Management,Rational Quality Manager,Rational Rhapsody Design Manager,Rational Team Concert",5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-07-16T15:15:00.000Z,0
CVE-2019-4457,https://securityvulnerability.io/vulnerability/CVE-2019-4457,,"IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654.",IBM,Rational Rhapsody Design Manager,4.3,MEDIUM,0.0005600000149570405,false,false,false,false,,false,false,2020-02-19T16:15:00.000Z,0
CVE-2018-1606,https://securityvulnerability.io/vulnerability/CVE-2018-1606,,"IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796.",IBM,"Rational Team Concert,Rational Software Architect Design Manager,Rational Doors Next Generation,Rational Collaborative Lifecycle Management,Rational Rhapsody Design Manager,Rational Quality Manager,Rational Engineering Lifecycle Manager",4.3,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2018-11-06T16:29:00.000Z,0
CVE-2018-1694,https://securityvulnerability.io/vulnerability/CVE-2018-1694,,"IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609.",IBM,"Rational Team Concert,Rational Software Architect Design Manager,Rational Doors Next Generation,Rational Collaborative Lifecycle Management,Rational Rhapsody Design Manager,Rational Quality Manager,Rational Engineering Lifecycle Manager",5.9,MEDIUM,0.0011500000255182385,false,false,false,false,,false,false,2018-11-06T16:29:00.000Z,0
CVE-2018-1394,https://securityvulnerability.io/vulnerability/CVE-2018-1394,,Multiple IBM Rational products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138425.,IBM,"Rational Doors Next Generation,Rational Rhapsody Design Manager,Rational Collaborative Lifecycle Management,Rational Engineering Lifecycle Manager,Rational Software Architect Design Manager,Rational Quality Manager,Rational Team Concert",5.4,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2018-08-20T21:29:00.000Z,0
CVE-2017-1753,https://securityvulnerability.io/vulnerability/CVE-2017-1753,,"Multiple IBM Rational products are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 135655.",IBM,"Rational Doors Next Generation,Rational Rhapsody Design Manager,Rational Collaborative Lifecycle Management,Rational Engineering Lifecycle Manager,Rational Software Architect Design Manager,Rational Quality Manager,Rational Team Concert",5.4,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2018-08-20T21:29:00.000Z,0
CVE-2018-1535,https://securityvulnerability.io/vulnerability/CVE-2018-1535,,IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124557.,IBM,"Rational Rhapsody Design Manager,Rational Software Architect Design Manager",5.4,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2018-07-19T14:29:00.000Z,0
CVE-2018-1536,https://securityvulnerability.io/vulnerability/CVE-2018-1536,,IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142558.,IBM,"Rational Software Architect Design Manager,Rational Rhapsody Design Manager",5.4,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2018-07-19T14:29:00.000Z,0