CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2021-20357
https://notcve.org/view.php?id=CVE-2021-20357
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194963. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/194963 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4865
https://notcve.org/view.php?id=CVE-2020-4865
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/190741 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4855
https://notcve.org/view.php?id=CVE-2020-4855
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190457. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/190457 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4547
https://notcve.org/view.php?id=CVE-2020-4547
27 Jan 2021 — IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 183315. Los productos de IBM Jazz Foundation, podrían permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para visitar un sitio web malicios... • https://exchange.xforce.ibmcloud.com/vulnerabilities/183315 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.4EPSS: 0%CPEs: 30EXPL: 0CVE-2020-4524
https://notcve.org/view.php?id=CVE-2020-4524
27 Jan 2021 — IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182434. Los productos de IBM Jazz Foundation, son vulnerables a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la fu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/182434 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 20EXPL: 0CVE-2019-4748
https://notcve.org/view.php?id=CVE-2019-4748
16 Jul 2020 — IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 173174. IBM Jazz Team Server basadas en Applications es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alter... • https://exchange.xforce.ibmcloud.com/vulnerabilities/173174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2018-1456
https://notcve.org/view.php?id=CVE-2018-1456
06 Jun 2018 — IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 140091. IBM Rhapsody DM, desde la versión 5.0 hasta la 5.0.2 y desde la versión 6.0 hasta la 6.0.5 es vulnerable a ataques de tipo XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabil... • http://www.ibm.com/support/docview.wss?uid=swg22016795 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2017-1462
https://notcve.org/view.php?id=CVE-2017-1462
21 Feb 2018 — IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128461. IBM Rhapsody DM 5.0 y 6.0 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=swg22013739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 108EXPL: 0CVE-2017-1507
https://notcve.org/view.php?id=CVE-2017-1507
11 Dec 2017 — IBM Jazz Foundation Products could disclose sensitive information during a scan that could lead to further attacks against the system. IBM X-Force ID: 129619. IBM Jazz Foundation Products podría revelar información sensible durante un escaneo que podría conducir a más ataques contra el sistema. IBM X-Force ID: 129619. • http://www.ibm.com/support/docview.wss?uid=swg22010627 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 108EXPL: 0CVE-2017-1240
https://notcve.org/view.php?id=CVE-2017-1240
27 Nov 2017 — IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359. Los productos IBM Rhapsody DM podrían revelar información sensible en respuestas HTTP 500 - Error interno del servidor. IBM X-Force ID: 124359. • http://www.ibm.com/support/docview.wss?uid=swg22010512 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •