Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence

Summary Jazz Reporting Service is shipped as a component of Rational Reporting for Development Intelligence RRDI. Information about multiple security vulnerabilities affecting Jazz Reporting Service has been published in a security bulletin. Vulnerability Details CVEID: CVE-2017-1157 DESCRIPTION:...

CVE-2016-9987

IBM Jazz Foundation Reporting Service JRS 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...