Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMFC1F46C338B91B2D399B557B4A1469DA5D36AB2D5F6B82A1298A3A0DD0F9FE85
HistoryApr 28, 2021 - 6:35 p.m.

Security Bulletin: Cross-site scripting vulnerability affects IBM® Rational® Team Concert

2021-04-2818:35:50
www.ibm.com
9
ibm rational team concert
cross-site scripting
vulnerability
versions 5.0 - 6.0.5
upgrade
ifix03

EPSS

0.001

Percentile

18.9%

JSON

Summary

IBM Team Concert (RTC) is vulnerable to cross-site scripting vulnerability.

Vulnerability Details

CVEID: CVE-2018-1766 DESCRIPTION: IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148620&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

Rational Collaborative Lifecycle Management 5.0 - 6.0.5

Rational Team Concert 5.0 - 5.0.2
Rational Team Concert 6.0 - 6.0.5

Version 6.0.6 is not affected.

Remediation/Fixes

For the 5.0 - 6.0.5 releases, upgrade to version 6.0.6 iFix03 or later

Workarounds and Mitigations

None

Related

prion 1
nvd 1
cve 1
cvelist 1
prion
prion
Cross site scripting
2018-10-29 15:29:00
nvd
nvd
CVE-2018-1766
2018-10-29 15:29:00
cve
cve
CVE-2018-1766
2018-10-29 15:29:00
cvelist
cvelist
CVE-2018-1766
2018-10-29 15:00:00

EPSS

0.001

Percentile

18.9%

JSON
Related for FC1F46C338B91B2D399B557B4A1469DA5D36AB2D5F6B82A1298A3A0DD0F9FE85
prion1nvd1cve1cvelist1