IBM RTC Improper Input Validation Vulnerability - CVE-2015-1928 - Vulnerability Database

IBM RTC Improper Input Validation Vulnerability - CVE-2015-1928

Medium
Reference: CVE-2015-1928
Title: IBM RTC Improper Input Validation Vulnerability
Overview:

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.x before 6.0.0 IF4 Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.0 before 6.0.0 IF4 Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.0 before 6.0.0 IF4 Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9 Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9 5.x before 5.0.2 IF11 and 6.0 before 6.0.0 IF4 Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7 5.0 through 5.0.2 and 6.0.0 Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7 5.0 through 5.0.2 and 6.0.0 and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7 5.0 through 5.0.2 and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.