CVE-2015-0130 (GCVE-0-2015-0130)
Vulnerability from cvelistv5
Published
2015-07-20 01:00
Modified
2024-08-06 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:55:28.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-07-20T00:57:02",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960407"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0130",
"datePublished": "2015-07-20T01:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T03:55:28.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-0130\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2015-07-20T01:59:02.347\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Quality Manager (RQM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Team Concert (RTC) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x through 4.0.7; and Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad XSS en Jazz Team Server en Jazz Foundation en IBM Rational Collaborative Lifecycle Management (CLM) en la versi\u00f3n 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5; Rational Quality Manager (RQM) 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5; Rational Team Concert (RTC) 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5; Rational Requirements Composer (RRC) 4.x trav\u00e9s de 4.0.7; y Rational DOORS Next Generation (RDNG) 4.x anterior a 4.0.7 IF6 5.x anterior a 5.0.2 IF5, permite a atacantes remotos inyectar secuencias de comandos o HTML arbitrario por medio de una URL manipulada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"baseScore\":3.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"817714F1-B68E-41DB-A4FC-34FD5518B9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0477D24-56F7-46A2-A08A-C20A90E6E85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CABBD25-7C8D-4CE1-B9C9-75670C8B5B09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31D9D1B5-C3D1-42F2-A963-9FA30CF20AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0514FAC-52CE-41F6-B255-E2D83E71F3E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACA25E78-52E0-4B5E-AECC-0F24C827F3F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746190AA-6D21-446F-80F5-4C98F5BF74A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08125E1B-FE2B-436C-A69F-067BC1B5C542\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D76BE6D-5C28-404A-BBF3-E2C9E1596E8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_doors_next_generation:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A0BC49A-4D59-47AE-B2D2-13B6719B0932\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2C7E81B-DA97-4545-9C78-962E5FE9202D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D790D42-7B73-40A6-BF0E-630099FB97E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FABBECCB-F0B9-4D45-9372-6F313F841FE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DF445D-E457-4FA5-A2BE-F05828F8F799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1CE1A44-9F74-4405-AAB4-E38487FBD91A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29160905-BBD7-486C-A4E0-5778717389E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A538D21-6F83-4F01-AB4F-788A89F922CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"233E248F-0EA5-4C97-8474-C7A3EFCF7CCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FE6472E-AC94-431C-B8EA-8A3ED1828E85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DAFF35-BD11-4EED-8B79-E99AE8A0E620\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FDFE57E-7905-4DC8-93FC-CAE5BC070790\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_team_concert:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8BEC305-F98D-45F4-B149-1188744DE408\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC85C5A2-04BC-4E10-9EAF-6AF2CBC3AF41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6C66DD3-20D9-4B47-AFA4-0BA789A973FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7178BB7D-7098-44FB-8DC1-C6A7AF5D6EE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F4A9A99-C26E-4476-934E-24AADFBDB8B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A73A4517-CA0C-4C11-BD22-47F53DFBD7B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C22AC9CB-44C3-43E1-B29A-3D06A421E51D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51998570-6EFF-436C-9297-601B17A31788\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D944BB64-73C5-402C-9D14-077B8FC9DB8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A32DF4D-B68E-4C3E-AF20-05C80B26461A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B877D86-6ABE-43E8-A681-0C937C779388\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF6342F6-709A-4043-A879-57E9C7232C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1CDFA1C-9C07-4744-95F9-93A2332E2F13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10D8C43B-C109-44E1-868F-7DC1289D9BA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EFFBB5B-8566-45BC-9123-5418821E6EB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF2CC2A-232C-43A6-8C9B-E6125C051BF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A84EA62-E3F8-4E4C-9FEF-065300C4611A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0232D8EF-1DB3-477D-818C-B79B68406197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_requirements_composer:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8158D2-ECB0-4F89-BE73-568CA213D9B8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"443530AE-4F33-4453-826A-8D705DFB7C03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"364E7E8D-D988-4546-9E61-CD2D1A6F0728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D34C6DE1-40BC-44F3-B106-47E4FA1C4FF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB0AA277-39E7-441C-9AF2-18848FD4C9D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4938F063-34AF-4C5F-AF43-534C3D052720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3902033E-35AB-4358-9D07-AF8C59A9621A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"559C7C20-BD07-4E30-A74C-EA35DB2E3F2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B15D55E2-D1C2-4934-8C51-2DA2778ADF7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B31F581-9E7A-4882-A915-FE4784FDC996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA1E396E-905A-4CE3-8AEB-12BFBE679B2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:rational_quality_manager:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D1186E8-2639-476F-802E-580D98F2E255\"}]}]}],\"references\":[{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21960407\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21960407\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…