CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9989
https://notcve.org/view.php?id=CVE-2016-9989
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120555. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, y por lo tanto, alterar la funcionalidad deseada conllevando potencialmente a la divulgación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120555 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9988
https://notcve.org/view.php?id=CVE-2016-9988
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120554. IBM Jazz Foundation Reporting Service (JRS) versiones 5.0 y 6.0, es vulnerable a un problema de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, y por lo tanto, alterar la funcionalidad deseada conllevando potencialmente a la divulgación de credenciales dentro de una sesión confiable. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120554 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2016-9987
https://notcve.org/view.php?id=CVE-2016-9987
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120553. IBM Jazz Foundation Reporting Service (JRS) 5.0 y 6.0 es vulnerables a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en el WEB UI, de este modo alterando las funcionalidades planeadas revelando las credenciales dentro de una sesion fiable. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120553 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-1096
https://notcve.org/view.php?id=CVE-2017-1096
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656. IBM Jazz Reporting Service (JRS) 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/120656 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1157
https://notcve.org/view.php?id=CVE-2017-1157
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788. Jazz Reporting Service (JRS) versiones 5.0 y 6.0 de IBM, podría permitir a un atacante identificado acceder a datos de informes que deberían estar restringidos a usuarios autorizados. ID de IBM X-Force: 122788. • http://www.ibm.com/support/docview.wss?uid=swg22001007 http://www.securityfocus.com/bid/99353 https://exchange.xforce.ibmcloud.com/vulnerabilities/122778 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •