2 matches found
Security Bulletin: IBM Engineering Lifecycle Management is vulnerable to Cross-site Scripting (XSS). (CVE-2021-39059)
Summary Summary guidance: - The Jazz Team Server is vulnerable to cross-site scripting. Vulnerability Details CVEID: CVE-2021-39059 DESCRIPTION: IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alterin...
CVE-2021-39059
CVE-2021-39059 affects IBM Jazz Team Server (Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, 7.0.2). The root cause is cross-site scripting due to insufficient input/data validation and output handling in the Web UI, enabling an attacker to embed arbitrary JavaScript and potentially disclose credent...