VYPR
Get started
← All advisories
Medium severity5.4NVD Advisory· Published Nov 25, 2016· Updated May 6, 2026

CVE-2016-2986

CVE-2016-2986

Description

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6, Rational Quality Manager 6.x before 6.0.1 iFix6, Rational Team Concert 6.x before 6.0.1 iFix6, Rational DOORS Next Generation 6.x before 6.0.1 iFix6, Rational Engineering Lifecycle Manager 6.x before 6.0.1 iFix6, and Rational Rhapsody Design Manager 6.x before 6.0.1 iFix6 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Affected products

15
  • IBM/Rational Doors Next Generation3 versions
    cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:rational_doors_next_generation:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_doors_next_generation:6.0.2:*:*:*:*:*:*:*
  • IBM/Rational Engineering Lifecycle Manager3 versions
    cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_engineering_lifecycle_manager:6.0.2:*:*:*:*:*:*:*
  • IBM/Rational Quality Manager3 versions
    cpe:2.3:a:ibm:rational_quality_manager:6.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:rational_quality_manager:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_quality_manager:6.0.2:*:*:*:*:*:*:*
  • IBM/Rational Rhapsody Design Manager3 versions
    cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*
  • IBM/Rational Team Concert3 versions
    cpe:2.3:a:ibm:rational_team_concert:6.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:rational_team_concert:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:rational_team_concert:6.0.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.