CVE-2016-6037

Summary

IBM Rational Team Concert (RTC) is vulnerable to HTML injection. A remote attacker with project administrator privileges could send a project that contains malicious HTML code, which when the project is viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 116918.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationRational Collaborative Lifecycle Management4.0.7, 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References