cpe:/a:ibm:rational_team_concert:2.0.0.2 cpe:/a:ibm:rational_team_concert:3.0 cpe:/a:ibm:rational_team_concert:3.0.1 cpe:/a:ibm:rational_team_concert:3.0.1.1 cpe:/a:ibm:rational_team_concert:3.0.1.2 cpe:/a:ibm:rational_team_concert:3.0.1.3 cpe:/a:ibm:rational_team_concert:3.0.1.4 cpe:/a:ibm:rational_team_concert:3.0.1.5 cpe:/a:ibm:rational_team_concert:3.0.1.6 cpe:/a:ibm:rational_team_concert:4.0 cpe:/a:ibm:rational_team_concert:4.0.0.1 cpe:/a:ibm:rational_team_concert:4.0.0.2 cpe:/a:ibm:rational_team_concert:4.0.1 cpe:/a:ibm:rational_team_concert:4.0.2 cpe:/a:ibm:rational_team_concert:4.0.3 cpe:/a:ibm:rational_team_concert:4.0.4 cpe:/a:ibm:rational_team_concert:4.0.5 cpe:/a:ibm:rational_team_concert:4.0.6 cpe:/a:ibm:rational_team_concert:4.0.7 cpe:/a:ibm:rational_team_concert:5.0.0 cpe:/a:ibm:rational_team_concert:5.0.1 CVE-2015-0122 2015-03-12T21:59:22.897-04:00 2016-12-02T22:02:17.313-05:00 3.5 NETWORK MEDIUM SINGLE_INSTANCE NONE PARTIAL NONE http://nvd.nist.gov 2015-09-11T11:13:59.963-04:00 SECTRACK 1031884 BID 73093 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21698253 Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0123.