CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-1096
https://notcve.org/view.php?id=CVE-2017-1096
05 Jul 2017 — IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656. IBM Jazz Reporting Service (JRS) 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera la... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9986
https://notcve.org/view.php?id=CVE-2016-9986
05 Jul 2017 — IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120552. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitr... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9987
https://notcve.org/view.php?id=CVE-2016-9987
05 Jul 2017 — IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120553. IBM Jazz Foundation Reporting Service (JRS) 5.0 y 6.0 es vulnerables a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en el WEB UI, de este mo... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9988
https://notcve.org/view.php?id=CVE-2016-9988
05 Jul 2017 — IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120554. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitr... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9989
https://notcve.org/view.php?id=CVE-2016-9989
05 Jul 2017 — IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120555. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitr... • http://www.ibm.com/support/docview.wss?uid=swg22001007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5897
https://notcve.org/view.php?id=CVE-2016-5897
01 Feb 2017 — IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Jazz Reporting Service (JRS) es vulnerable a inyección HTML. Un atacante remoto podría inyectar código HTML malicioso, que al ser visto, sería ejecutado en el navegador Web de la víctima dentro del contexto de seguridad del sitio de alojamiento. • http://www.ibm.com/support/docview.wss?uid=swg21991153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-5898
https://notcve.org/view.php?id=CVE-2016-5898
01 Feb 2017 — IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information. IBM Jazz Reporting Service (JRS) podrían permitir a un atacante remoto obtener información sensible, causada por no restringir la serialización de JSON. Al enviar una petición directa, un atacante podría explotar esta vulnerabilidad para obtener información sensi... • http://www.ibm.com/support/docview.wss?uid=swg21991154 • CWE-254: 7PK - Security Features •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-5899
https://notcve.org/view.php?id=CVE-2016-5899
01 Feb 2017 — IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Jazz Reporting Service (JRS) es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente ... • http://www.ibm.com/support/docview.wss?uid=swg21991154 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6039
https://notcve.org/view.php?id=CVE-2016-6039
01 Feb 2017 — IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Jazz Reporting Service (JRS) es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente ... • http://www.ibm.com/support/docview.wss?uid=swg21991153 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-6054
https://notcve.org/view.php?id=CVE-2016-6054
01 Feb 2017 — IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Jazz Foundation es vulnerable a las secuencias de comandos de sitios cruzados. Esta vulnerabilidad permite a usuarios incrustar código JavaScript arbitrario en la IU Web alterando así la funcionalidad prevista que potencialmente conduce a la divulgación d... • http://www.ibm.com/support/docview.wss?uid=swg21991154 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •