2 matches found
CVE-2024-28793
IBM Engineering Workflow Management 7.0.2 and 7.0.3 is vulnerable to stored cross-site scripting. Under certain configurations, this vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2024-28793
IBM Engineering Workflow Management (EWM) versions 7.0.2 and 7.0.3 are vulnerable to a stored cross-site scripting flaw in the Team Concert Git Jenkins plugin, caused by insufficient input cleanup and output escaping in the Web UI. This could allow injection of arbitrary JavaScript that may lead ...