2 matches found
Security Bulletin: Multiple security vulnerabilities affect the Lifecycle Query Engine (LQE) that is shipped with Jazz Reporting Service (CVE-2016-0316, CVE-2016-0317, CVE-2016-0318, CVE-2016-0319)
Summary There are multiple security vulnerabilities in the Lifecycle Query Engine LQE shipped with Jazz Reporting Service. Vulnerability Details CVEID: CVE-2016-0316 DESCRIPTION: IBM Jazz Reporting Service is vulnerable to cross-site scripting, caused by improper validation of user-supplied input...
CVE-2016-0316
Cross-site scripting XSS vulnerability in Lifecycle Query Engine LQE in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 and 6.0.2 before iFix003 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...