NotCVE - vendor:"Ibm" product:"Jazz Reporting Service" version:" >= 6.0.3 <= 6.0.6"

Page 2 of 22 results (0.000 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-1918

https://notcve.org/view.php?id=CVE-2018-1918

08 Jan 2019 — IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152785. IBM Jazz Reporting Service (JRS), en sus versiones 6.0.3, 6.0.4, 6.0.5 y 6.0.6, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScr... • http://www.ibm.com/support/docview.wss?uid=ibm10793759 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-1639

https://notcve.org/view.php?id=CVE-2018-1639

16 Nov 2018 — The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579. Report Builder en Jazz Reporting Service, de la versión 5.0 hasta la 5.0.2 y de la versión 6.0 hasta la 6.0.6, podría permitir que un usuario autenticado obtenga información sensible más allá de sus privilegios asignados. IBM X-Force ID: 144579. • https://exchange.xforce.ibmcloud.com/vulnerabilities/144579 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-1750

https://notcve.org/view.php?id=CVE-2017-1750

25 Apr 2018 — IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135523. IBM Jazz Reporting Service (JRS), de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los ... • http://www.ibm.com/support/docview.wss?uid=swg22015712 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0

CVE-2018-1363

https://notcve.org/view.php?id=CVE-2018-1363

25 Apr 2018 — IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137448. IBM Jazz Reporting Service (JRS), de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los ... • http://www.ibm.com/support/docview.wss?uid=swg22015712 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-1340

https://notcve.org/view.php?id=CVE-2017-1340

01 Nov 2017 — IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455. Jazz Reporting Service (JRS) de IBM 6.0.4 podría permitir que un usuario autenticado obtenga información de otro usuario con el que interactúa el creador de informes . IBM X-Force ID: 126455. • http://www.ibm.com/support/docview.wss?uid=swg22009973 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-1490

https://notcve.org/view.php?id=CVE-2017-1490

14 Sep 2017 — An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information. Existe una vulnerabilidad en el motor de consulta de ciclo de vida de Jazz Reporting Service en sus versiones de la 6.0 a la 6.0.4 que podría revelar información sumamente sensible. • http://www.ibm.com/support/docview.wss?uid=swg22008253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-1370

https://notcve.org/view.php?id=CVE-2017-1370

31 Jul 2017 — IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863. IBM Jazz Reporting Service (JRS) versiones 5.0 y 6.0, podría revelar información confidencial, incluyendo las credenciales de usuario, por medio de un mensaje de error de la página de configuración del administrador de Report Builder. ID de IBM X-Force: 126863. • http://www.ibm.com/support/docview.wss?uid=swg22005868 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

CVE-2017-1096

https://notcve.org/view.php?id=CVE-2017-1096

05 Jul 2017 — IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656. IBM Jazz Reporting Service (JRS) 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera la... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

CVE-2016-9986

https://notcve.org/view.php?id=CVE-2016-9986

05 Jul 2017 — IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120552. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitr... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

CVE-2016-9987

https://notcve.org/view.php?id=CVE-2016-9987

05 Jul 2017 — IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120553. IBM Jazz Foundation Reporting Service (JRS) 5.0 y 6.0 es vulnerables a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en el WEB UI, de este mo... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3