CVE-2016-6036

Summary

IBM Rational Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 2000784.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationRational Collaborative Lifecycle Management3.0.1affected
IBM CorporationRational Collaborative Lifecycle Management4.0affected
IBM CorporationRational Collaborative Lifecycle Management3.0.1.6affected
IBM CorporationRational Collaborative Lifecycle Management4.0.1affected
IBM CorporationRational Collaborative Lifecycle Management4.0.2affected
IBM CorporationRational Collaborative Lifecycle Management4.0.3affected
IBM CorporationRational Collaborative Lifecycle Management4.0.4affected
IBM CorporationRational Collaborative Lifecycle Management4.0.5affected
IBM CorporationRational Collaborative Lifecycle Management4.0.6affected
IBM CorporationRational Collaborative Lifecycle Management5.0affected
IBM CorporationRational Collaborative Lifecycle Management4.0.7affected
IBM CorporationRational Collaborative Lifecycle Management5.0.1affected
IBM CorporationRational Collaborative Lifecycle Management5.0.2affected
IBM CorporationRational Collaborative Lifecycle Management6.0affected
IBM CorporationRational Collaborative Lifecycle Management6.0.1affected
IBM CorporationRational Collaborative Lifecycle Management6.0.2affected
IBM CorporationRational Collaborative Lifecycle Management6.0.3affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References