IBM RTC Improper Input Validation Vulnerability - CVE-2015-1928
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.x before 6.0.0 IF4 Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.0 before 6.0.0 IF4 Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.0 before 6.0.0 IF4 Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9 Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.0 before 6.0.0 IF4 Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7 5.0 through 5.0.2 and 6.0.0 Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7 5.0 through 5.0.2 and 6.0.0 and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7 5.0 through 5.0.2 and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.