Description

IBM Rational Jazz Team Server (JTS), as used in Rational Collaborative Lifecycle Management 3.x and 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Quality Manager 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix5, 4.x before 4.0.7 iFix4, and 5.x before 5.0.2 iFix2; Rational DOORS Next Generation 4.x before 4.0.7 iFix4 and 5.x before 5.0.2 iFix2; Rational Requirements Composer 2.x and 3.x before 3.0.1.6 iFix5; and other products, allows remote authenticated users to read the dashboards of arbitrary users via unspecified vectors.

Remediation

References

CVE-2014-6131

Related Vulnerabilities

WordPress Plugin SEO SearchTerms Tagging 2 Multiple Vulnerabilities (1.535)

WordPress Plugin HubSpot All-In-One Marketing-Forms, Popups, Live Chat Cross-Site Scripting (7.5.5)

WordPress Plugin Wp-D3 Cross-Site Request Forgery (2.4)

WordPress Plugin Meow Gallery (+ Gallery Block) Security Bypass (4.1.9)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20280)

Severity

Medium

Classification

CVE-2014-6131 CWE-200

Tags

Missing Update Known Vulnerabilities