NotCVE - vendor:"Ibm" product:"Jazz Reporting Service" version:" >= 6.0 <= 6.0.2"

40 results (0.012 seconds)

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2020-4539

https://notcve.org/view.php?id=CVE-2020-4539

10 Aug 2020 — IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Jazz Reporting Service versiones 6.0.2, 6.0.6, 6.0.6.1, 7.0 y 7.0.1, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la In... • https://exchange.xforce.ibmcloud.com/vulnerabilities/182914 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-4497

https://notcve.org/view.php?id=CVE-2019-4497

01 Oct 2019 — IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164118. IBM Jazz Reporting Service (JRS) versiones 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6 y 6.0.6.1, es vulnerable a un problema de tipo cross-site scripting. Esta ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/164118 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-4495

https://notcve.org/view.php?id=CVE-2019-4495

01 Oct 2019 — IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164116. IBM Jazz Reporting Service (JRS) versiones 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6 y 6.0.6.1, es vulnerable a un problema de tipo cross-site scripting. Esta ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/164116 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-4494

https://notcve.org/view.php?id=CVE-2019-4494

01 Oct 2019 — IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164115. IBM Jazz Reporting Service (JRS) versiones 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6 y 6.0.6.1, es vulnerable a un problema de tipo cross-site scripting. Esta ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/164115 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-4184

https://notcve.org/view.php?id=CVE-2019-4184

29 May 2019 — IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158974. IBM Jazz Reporting Service versión 6.0 hasta 6.0.6.1, es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario en la web UI, y en consecuencia, al... • http://www.securityfocus.com/bid/108529 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-2004

https://notcve.org/view.php?id=CVE-2018-2004

29 Apr 2019 — IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155006. IBM Jazz Reporting Service (JRS) versiones desde la 6.0 hasta la 6.0.6, es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interf... • http://www.securityfocus.com/bid/108099 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-1639

https://notcve.org/view.php?id=CVE-2018-1639

16 Nov 2018 — The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579. Report Builder en Jazz Reporting Service, de la versión 5.0 hasta la 5.0.2 y de la versión 6.0 hasta la 6.0.6, podría permitir que un usuario autenticado obtenga información sensible más allá de sus privilegios asignados. IBM X-Force ID: 144579. • https://exchange.xforce.ibmcloud.com/vulnerabilities/144579 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-1750

https://notcve.org/view.php?id=CVE-2017-1750

25 Apr 2018 — IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135523. IBM Jazz Reporting Service (JRS), de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los ... • http://www.ibm.com/support/docview.wss?uid=swg22015712 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0

CVE-2018-1363

https://notcve.org/view.php?id=CVE-2018-1363

25 Apr 2018 — IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137448. IBM Jazz Reporting Service (JRS), de la versión 5.0 a la 5.0.2 y desde la versión 6.0 hasta la 6.0.5, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los ... • http://www.ibm.com/support/docview.wss?uid=swg22015712 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2017-1490

https://notcve.org/view.php?id=CVE-2017-1490

14 Sep 2017 — An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information. Existe una vulnerabilidad en el motor de consulta de ciclo de vida de Jazz Reporting Service en sus versiones de la 6.0 a la 6.0.4 que podría revelar información sumamente sensible. • http://www.ibm.com/support/docview.wss?uid=swg22008253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

1 2 3 4