Key Vulnerability Information Summary CVEID: CVE-2018-1762 Vulnerability: Cross-site scripting vulnerability in IBM Jazz Foundation Affected Products and Versions Rational Collaborative Lifecycle Management (5.0 - 6.0.6) Rational Quality Manager (5.0 - 6.0.6) Rational Team Concert (5.0 - 6.0.6) Rational DOORS Next Generation (5.0 - 6.0.6) Rational Engineering Lifecycle Manager (5.0 - 6.0.6) Rational Rhapsody Design Manager (5.0 - 6.0.6) Rational Software Architect Design Manager (5.0 - 6.0.6) Remediation/Fixes 6.0 - 6.0.6 releases: - Upgrade to version 6.0.6 iFix003 or later. - Upgrade to version 6.0.2 iFix019 or later. 5.x releases: - Upgrade to version 5.0.2 iFix027 or later. CVSS Scores Base Score: 5.4 Environmental Score: Undefined Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) Workarounds and Mitigations None Important Note IBM recommends upgrading to a fixed, supported version/release/platform of the product. References Complete CVSS v3 Guide On-line Calculator v3