1068 matches found
CVE-2016-0350
Cross-site scripting XSS vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different...
CVE-2016-0315
The Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 maintain session ID validity after a logout action, which allows remote authenticated users to hijack sessions by leveraging an unattended workstation...
CVE-2016-0314
The Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors...
CVE-2016-0314
The Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors...
CVE-2016-0313
Cross-site scripting XSS vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different...
Cross site scripting
Cross-site scripting XSS vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrar...
Cross site scripting
Cross-site scripting XSS vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different...
CVE-2016-0313
The CVE-2016-0313 entry concerns IBM Jazz Reporting Service (JRS) Report Builder and Data Collection Component (DCC). The vulnerability is a cross-site scripting (XSS) flaw triggered by a crafted URL, allowing remote authenticated users to execute script or HTML. Affected versions are JRS 5.x pri...
CVE-2016-0314
The Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors...
IBM Jazz Reporting Service (JRS) Clickjacking Vulnerability
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a security vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this vulnerability to...
IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site scripting vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...
IBM Jazz Reporting Service (JRS) Session Hijacking Vulnerability
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a security vulnerability in the Report Builder and Data Collection Component DCC implementations due to the program retaining session ID validity after...
IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability (CNVD-2016-04650)
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site scripting vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...
IBM Jazz Reporting Service (JRS) Cross-Site Scripting Vulnerability (CNVD-2016-04651)
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site scripting vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...
IBM Jazz Reporting Service (JRS) Cross-Site Request Forgery Vulnerability
IBM Jazz Reporting Service is an optional component of IBM Rational Reporting for Development Intelligence. IBM Jazz Reporting Service JRS has a cross-site request forgery vulnerability in the Report Builder and Data Collection Component DCC implementations. A remote attacker could exploit this...
Traveling to US? Agencies want to Spy on your Social Media activities right from Airport
Hey! Welcome to the United States. May we have your Twitter handle, please? That's exactly what you'll likely be asked by the U.S. Customs and Border Protection at the airport prior to entering U.S. soil. Yes, your Twitter handle may soon be part of the US Visa process as U.S. Customs and Border...
Mobile Advertising Firm Found Tracking Users To Pay $950K
After settling charges with the Federal Trade Commission this week a mobile advertising company will pay nearly $1M after it was determined the company tracked customers – including children – without their consent. InMobi, an India-based firm with offices across the world, will pay $950,000 in...
NSA wants to Exploit Internet of Things and Biomedical Devices
The cyber attack vectors available to hackers will continue to grow as the Internet of Things IoTs become more commonplace, making valuable data accessible through an ever-widening selection of entry points. Although it's not the hackers alone, the NSA is also behind the Internet of Things. We...
Mozilla Firefox Injection Vulnerability
Mozilla Firefox Health Report is a plug-in developed by the Mozilla Foundation for understanding the performance of the Firefox browser. It collects some usage data from the users, and then provides the stability and performance of the Firefox browser, as well as optimization tips. An injection...