367 matches found
IBM Jazz Team Server 代码问题漏洞
IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server, and includes any number of Jazz Team Server Extensions that provide tool-specific functionality.A security...
IBM Jazz Team Server 跨站脚本漏洞
IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. IBM Jazz Team...
CVE-2021-38879
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 209057...
IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2022-66257)
IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...
CVE-2021-39043
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Cross site scripting
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2021-39043
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2021-39043
IBM Jazz Team Server (Jazz Team Server) versions 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 are affected by CVE-2021-39043 allowing stored cross-site scripting in the Web UI, potentially leading to credentials disclosure within a trusted session. The root cause is a stored XSS flaw in the Web UI that ...
IBM Jazz Team Server 跨站脚本漏洞
IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...
IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2022-38550)
IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. IBM Jazz Team...
CVE-2021-39059
CVE-2021-39059 affects IBM Jazz Team Server (Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2). The root cause is cross-site scripting due to insufficient input/data validation and output handling in the Web UI, enabling an attacker to embed arbitrary JavaScript and potentially disclose credent...
IBM Jazz Team Server 跨站脚本漏洞
IBM Jazz Team Server is an application server from IBM Corporation in the United States. provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. IBM Jazz Team...
CVE-2021-39059
IBM Jazz Foundation IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
Security Bulletin: Security vulnerability in IBM® Java SDK October 2021 CPU has been identified in Jazz Team Server shipped with Jazz Reporting Service
Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about a security vulnerability in IBM® SDK Java Technology Edition from October 2021 CPU that is affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerabilit...
Security Bulletin: A Remote Attack Vulnerability in Apache Log4j affects Engineering Lifecycle Management and IBM Engineering products
Summary There is a high risk Remote Attack Vulnerability in Apache Log4j CVE-2021-44228 which is used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Workflow Management EWM, IBM Engineering Systems...
Security Bulletin: Security Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - affect multiple IBM Continuous Engineering products based on IBM Jazz Technology
Summary There are multiple vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU minus CVE-2020-14781 and CVE-2020-14782 and CVE-2020-14782 that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications:...
IBM Jazz Team Server Elevation of Privilege Vulnerability
IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. An elevation of privilege vulnerability exis...
IBM Jazz Team Server Information Disclosure Vulnerability (CNVD-2021-84583)
IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. An information disclosure vulnerability exis...
IBM Jazz Team Server Cross-Site Scripting Vulnerability (CNVD-2021-88188)
IBM Jazz Team Server is an application server from IBM USA. Provides base services that enable a group of tools to work together as a single logical server and includes any number of Jazz Team Server Extensions that provide tool-specific functionality. A cross-site scripting vulnerability exists ...
CVE-2021-29844
IBM Jazz Team Server products is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...