Lucene search
+L

367 matches found

CNNVD
CNNVD
added 2022/06/24 12:0 a.m.8 views

IBM Jazz Team Server 代码问题漏洞

IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server, and includes any number of Jazz Team Server Extensions that provide tool-specific functionality.A security...

5.4CVSS5.6AI score0.00479EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/06/24 12:0 a.m.6 views

IBM Jazz Team Server 跨站脚本漏洞

IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. IBM Jazz Team...

5.4CVSS5.8AI score0.00471EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/06/22 12:0 a.m.3 views

CVE-2021-38879

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057...

5.3CVSS6AI score0.01056EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/05/24 12:0 a.m.21 views

IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2022-66257)

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...

6.4CVSS5.2AI score0.00448EPSS
Exploits0References1
NVD
NVD
added 2022/05/20 5:15 p.m.24 views

CVE-2021-39043

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

6.4CVSS0.00448EPSS
Exploits0References2
Prion
Prion
added 2022/05/20 5:15 p.m.19 views

Cross site scripting

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

3.5CVSS5.2AI score0.00448EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/05/20 4:20 p.m.22 views

CVE-2021-39043

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

6.4CVSS5.3AI score0.00448EPSS
Exploits0References2
CVE
CVE
added 2022/05/20 4:20 p.m.75 views

CVE-2021-39043

IBM Jazz Team Server (Jazz Team Server) versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are affected by CVE-2021-39043 allowing stored cross-site scripting in the Web UI, potentially leading to credentials disclosure within a trusted session. The root cause is a stored XSS flaw in the Web UI that ...

6.4CVSS5.1AI score0.00448EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/05/20 12:0 a.m.5 views

IBM Jazz Team Server 跨站脚本漏洞

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...

6.4CVSS5.6AI score0.00448EPSS
Exploits0References3
CNVD
CNVD
added 2022/05/13 12:0 a.m.29 views

IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2022-38550)

IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. IBM Jazz Team...

5.4CVSS2.5AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2022/05/11 4:10 p.m.75 views

CVE-2021-39059

CVE-2021-39059 affects IBM Jazz Team Server (Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2). The root cause is cross-site scripting due to insufficient input/data validation and output handling in the Web UI, enabling an attacker to embed arbitrary JavaScript and potentially disclose credent...

5.4CVSS5.2AI score0.00448EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/05/11 12:0 a.m.6 views

IBM Jazz Team Server 跨站脚本漏洞

IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. IBM Jazz Team...

5.4CVSS5.5AI score0.00448EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/05/10 12:0 a.m.4 views

CVE-2021-39059

IBM Jazz Foundation IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

5.4CVSS5.7AI score0.00448EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/07 8:53 p.m.13 views

Security Bulletin: Security vulnerability in IBM® Java SDK October 2021 CPU has been identified in Jazz Team Server shipped with Jazz Reporting Service

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about a security vulnerability in IBM® SDK Java Technology Edition from October 2021 CPU that is affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerabilit...

2.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/11 5:38 p.m.112 views

Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects Engineering Lifecycle Management and IBM Engineering products

Summary There is a high risk Remote Attack Vulnerability in Apache Log4j CVE-2021-44228 which is used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Workflow Management EWM, IBM Engineering Systems...

10CVSS0.9AI score0.99999EPSS
Exploits355Affected Software9
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/01 6:20 p.m.32 views

Security Bulletin: Security Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU minus CVE-2020-14781 and CVE-2020-14782 and CVE-2020-14782 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications:...

5.8CVSS5.4AI score0.03758EPSS
Exploits0Affected Software9
CNVD
CNVD
added 2021/10/31 12:0 a.m.9 views

IBM Jazz Team Server Elevation of Privilege Vulnerability

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. An elevation of privilege vulnerability exis...

7.5CVSS6.7AI score0.0095EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/31 12:0 a.m.9 views

IBM Jazz Team Server Information Disclosure Vulnerability (CNVD-2021-84583)

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. An information disclosure vulnerability exis...

6.5CVSS5.9AI score0.00544EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/29 12:0 a.m.17 views

IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2021-88188)

IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...

5.4CVSS5.4AI score0.0048EPSS
Exploits0References1
OSV
OSV
added 2021/10/27 4:15 p.m.3 views

CVE-2021-29844

IBM Jazz Team Server products is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

8.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder