CVE-2016-9696

Summary

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Reference #: 1999960.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationRational Rhapsody Design Manager4.0.2affected
IBM CorporationRational Rhapsody Design Manager3.0affected
IBM CorporationRational Rhapsody Design Manager3.0.0.1affected
IBM CorporationRational Rhapsody Design Manager4.0affected
IBM CorporationRational Rhapsody Design Manager4.0.1affected
IBM CorporationRational Rhapsody Design Manager4.0.3affected
IBM CorporationRational Rhapsody Design Manager4.0.4affected
IBM CorporationRational Rhapsody Design Manager4.0.5affected
IBM CorporationRational Rhapsody Design Manager4.0.6affected
IBM CorporationRational Rhapsody Design Manager5.0affected
IBM CorporationRational Rhapsody Design Manager3affected
IBM CorporationRational Rhapsody Design Manager4.0.7affected
IBM CorporationRational Rhapsody Design Manager5.0.2affected
IBM CorporationRational Rhapsody Design Manager5.0.1affected
IBM CorporationRational Rhapsody Design Manager6.0affected
IBM CorporationRational Rhapsody Design Manager6.0.1affected
IBM CorporationRational Rhapsody Design Manager6.0.2affected
IBM CorporationRational Rhapsody Design Manager6.0.3affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References