4 matches found
CVE-2023-45181
IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Security Bulletin: The IBM® Engineering Lifecycle Management is vulnerable to cross-site scripting
Summary A cross-site scripting vulnerability has been identified on the URL "/jts/auth/authrequired". The web-url does not properly sanitise and escape xss payload before out-putting a 'layout' parameter that users supply to the response body leading to a Cross Site Scripting attack. This bulleti...
CVE-2023-45181
IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2023-45181 IBM Jazz Foundation cross-site scripting
IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...