IBM Security Bulletin: Vulnerability in Rational Team Concert with potential for Cross-Site Scripting attack (CVE-2016-0331)

IBM Team Concert (RTC) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.

CVE(s): CVE-2016-0331

Affected product(s) and affected version(s):

Rational Collaborative Lifecycle Management 6.0.1 – 6.0.2
Rational Team Concert 6.0.1 – 6.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2c4AFB7
X-Force Database: http://ift.tt/2chyGMX



from IBM Product Security Incident Response Team http://ift.tt/2c4CcqM