IBM RTC Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2016-2986
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 6.x before 6.0.1 iFix6 Rational Quality Manager 6.x before 6.0.1 iFix6 Rational Team Concert 6.x before 6.0.1 iFix6 Rational DOORS Next Generation 6.x before 6.0.1 iFix6 Rational Engineering Lifecycle Manager 6.x before 6.0.1 iFix6 and Rational Rhapsody Design Manager 6.x before 6.0.1 iFix6 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.