Description

The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Engineering Lifecycle Manager 4.0.3 through 4.0.7 and 5.0 through 5.0.2, Rational Rhapsody Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, and Rational Software Architect Design Manager 4.0 through 4.0.7 and 5.0 through 5.0.2 allows remote attackers to read JSP source code via a crafted request.

Remediation

References

CVE-2015-0113

Related Vulnerabilities

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0702)

Oracle Database Server CVE-2017-10282 Vulnerability (CVE-2017-10282)

WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2)

WordPress Plugin User Self Delete SQL Injection (1.1)

MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)

Severity

Medium

Classification

CVE-2015-0113 CWE-200

Tags

Missing Update Known Vulnerabilities