CVSS: 5.4EPSS: 0%CPEs: 33EXPL: 0CVE-2020-4691
https://notcve.org/view.php?id=CVE-2020-4691
08 Jan 2021 — IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186698. Los productos IBM Jazz Foundation son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fun... • https://exchange.xforce.ibmcloud.com/vulnerabilities/186698 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 33EXPL: 0CVE-2020-4544
https://notcve.org/view.php?id=CVE-2020-4544
08 Jan 2021 — IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 183189. Los productos IBM Jazz Foundation podrían permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría ser usada en futuros ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/183189 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 33EXPL: 0CVE-2020-4487
https://notcve.org/view.php?id=CVE-2020-4487
08 Jan 2021 — IBM Jazz Foundation Products could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 181862. Los productos IBM Jazz Foundation podrían permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría ser usada en futuros ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/181862 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.4EPSS: 0%CPEs: 22EXPL: 0CVE-2020-4546
https://notcve.org/view.php?id=CVE-2020-4546
02 Sep 2020 — IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183314. Las Aplicaciones basadas en IBM Jazz Team Server son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web,... • https://exchange.xforce.ibmcloud.com/vulnerabilities/183314 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 22EXPL: 0CVE-2020-4522
https://notcve.org/view.php?id=CVE-2020-4522
02 Sep 2020 — IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182397. Las Aplicaciones basadas en IBM Jazz Team Server son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web,... • https://exchange.xforce.ibmcloud.com/vulnerabilities/182397 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 22EXPL: 0CVE-2020-4445
https://notcve.org/view.php?id=CVE-2020-4445
02 Sep 2020 — IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181122. Las aplicaciones basadas en IBM Jazz Team Server son vulnerables a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web,... • https://exchange.xforce.ibmcloud.com/vulnerabilities/181122 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 20EXPL: 0CVE-2019-4748
https://notcve.org/view.php?id=CVE-2019-4748
16 Jul 2020 — IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174. IBM Jazz Team Server basadas en Applications es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alter... • https://exchange.xforce.ibmcloud.com/vulnerabilities/173174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-4603
https://notcve.org/view.php?id=CVE-2019-4603
08 Apr 2020 — IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to create keywords through the REST API and have them appear as if they were created by another user. IBM X-Force ID: 168295. IBM Quality Manager (RQM) versiones 6.02, 6.06 y 6.0.6.1, podría permitir a un usuario autenticado crear palabras clave por medio de la API REST y hacer que aparezcan como si fueran creadas por otro usuario. ID de IBM X-Force: 168295. • https://exchange.xforce.ibmcloud.com/vulnerabilities/168295 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-4602
https://notcve.org/view.php?id=CVE-2019-4602
08 Apr 2020 — IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168293. IBM Quality Manager (RQM) versiones 6.02, 6.06 y 6.0.6.1, es vulnerable a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz d... • https://exchange.xforce.ibmcloud.com/vulnerabilities/168293 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-4601
https://notcve.org/view.php?id=CVE-2019-4601
08 Apr 2020 — IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authenticated user to obtain sensitive information from a stack trace that could aid in further attacks against the system. IBM Quality Manager (RQM) versiones 6.02, 6.06 y 6.0.6.1, podría permitir a un usuario autenticado obtener información confidencial de un rastro de pila que podría ayudar en nuevos ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/168294 • CWE-209: Generation of Error Message Containing Sensitive Information •