Page 3 of 40 results (0.003 seconds)

CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863. IBM Jazz Reporting Service (JRS) versiones 5.0 y 6.0, podría revelar información confidencial, incluyendo las credenciales de usuario, por medio de un mensaje de error de la página de configuración del administrador de Report Builder. ID de IBM X-Force: 126863. • http://www.ibm.com/support/docview.wss?uid=swg22005868 http://www.securityfocus.com/bid/99954 https://exchange.xforce.ibmcloud.com/vulnerabilities/126863 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120555. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, y por lo tanto, alterar la funcionalidad deseada conllevando potencialmente a la divulgación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120555 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120554. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, y por lo tanto, alterar la funcionalidad deseada conllevando potencialmente a la divulgación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120554 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120553. IBM Jazz Foundation Reporting Service (JRS) 5.0 y 6.0 es vulnerables a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en el WEB UI, de este modo alterando las funcionalidades planeadas revelando las credenciales dentro de una sesion fiable. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120553 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656. IBM Jazz Reporting Service (JRS) 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120656 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •