CVE-2016-2864

Name of the Vulnerable Software and Affected Versions IBM Rational Collaborative Lifecycle Management versions 3.0.1.6 through 3.0.1.6 before iFix8 IBM Rational Collaborative Lifecycle Management versions 4.0 through 4.0.7 before iFix11 IBM Rational Collaborative Lifecycle Management versions 5.0 through 5.0.2 before iFix18 IBM Rational Collaborative Lifecycle Management versions 6.0 through 6.0.2 before iFix5 IBM Rational Quality Manager versions 3.0.1.6 through 3.0.1.6 before iFix8 IBM Rational Quality Manager versions 4.0 through 4.0.7 before iFix11 IBM Rational Quality Manager versions 5.0 through 5.0.2 before iFix18 IBM Rational Quality Manager versions 6.0 through 6.0.2 before iFix5 IBM Rational Team Concert versions 3.0.1.6 through 3.0.1.6 before iFix8 IBM Rational Team Concert versions 4.0 through 4.0.7 before iFix11 IBM Rational Team Concert versions 5.0 through 5.0.2 before iFix18 IBM Rational Team Concert versions 6.0 through 6.0.2 before iFix5 IBM Rational DOORS Next Generation versions 4.0 through 4.0.7 before iFix11 IBM Rational DOORS Next Generation versions 5.0 through 5.0.2 before iFix18 IBM Rational DOORS Next Generation versions 6.0 through 6.0.2 before iFix5 IBM Rational Engineering Lifecycle Manager versions 4.x through 4.0.7 before iFix11 IBM Rational Engineering Lifecycle Manager versions 5.0 through 5.0.2 before iFix18 IBM Rational Engineering Lifecycle Manager versions 6.0 through 6.0.2 before iFix5 IBM Rational Rhapsody Design Manager versions 4.0 through 4.0.7 before iFix11 IBM Rational Rhapsody Design Manager versions 5.0 through 5.0.2 before iFix18 IBM Rational Rhapsody Design Manager versions 6.0 through 6.0.2 before iFix5 IBM Rational Software Architect Design Manager versions 4.0 through 4.0.7 before iFix11 IBM Rational Software Architect Design Manager versions 5.0 through 5.0.2 before iFix18 IBM Rational Software Architect Design Manager versions 6.0 through 6.0.2 before iFix5

Description A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Recommendations Apply iFix8 to IBM Rational Collaborative Lifecycle Management version 3.0.1.6 Apply iFix11 to IBM Rational Collaborative Lifecycle Management version 4.0.7 Apply iFix18 to IBM Rational Collaborative Lifecycle Management version 5.0.2 Apply iFix5 to IBM Rational Collaborative Lifecycle Management version 6.0.2 Apply iFix8 to IBM Rational Quality Manager version 3.0.1.6 Apply iFix11 to IBM Rational Quality Manager version 4.0.7 Apply iFix18 to IBM Rational Quality Manager version 5.0.2 Apply iFix5 to IBM Rational Quality Manager version 6.0.2 Apply iFix8 to IBM Rational Team Concert version 3.0.1.6 Apply iFix11 to IBM Rational Team Concert version 4.0.7 Apply iFix18 to IBM Rational Team Concert version 5.0.2 Apply iFix5 to IBM Rational Team Concert version 6.0.2 Apply iFix11 to IBM Rational DOORS Next Generation version 4.0.7 Apply iFix18 to IBM Rational DOORS Next Generation version 5.0.2 Apply iFix5 to IBM Rational DOORS Next Generation version 6.0.2 Apply iFix11 to IBM Rational Engineering Lifecycle Manager version 4.0.7 Apply iFix18 to IBM Rational Engineering Lifecycle Manager version 5.0.2 Apply iFix5 to IBM Rational Engineering Lifecycle Manager version 6.0.2 Apply iFix11 to IBM Rational Rhapsody Design Manager version 4.0.7 Apply iFix18 to IBM Rational Rhapsody Design Manager version 5.0.2 Apply iFix5 to IBM Rational Rhapsody Design Manager version 6.0.2 Apply iFix11 to IBM Rational Software Architect Design Manager version 4.0.7 Apply iFix18 to IBM Rational Software Architect Design Manager version 5.0.2 Apply iFix5 to IBM Rational Software Architect Design Manager version 6.0.2