Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/02/25 9:52 a.m.8 views

Security Bulletin: IBM JRS (Jazz Reporting Service) uses a web link with untrusted references to an external site.

Summary IBM JRS Jazz Reporting Service uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims' web browser. The web application produces links to untrusted...

9.8CVSS6.4AI score0.0034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/03 11:30 a.m.11 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Engineering Publishing uses a web link with untrusted references to an external site.

Summary When an user clicks a link to an external site, and that link has the target="blank" attribute, then the new site will be opened into a new tab or window, but will share its process with the original tab or window. The window.opener object stores information from the original window, so i...

9.8CVSS6.6AI score0.0034EPSS
Exploits0Affected Software1
Circl
Circl
added 2024/12/25 2:2 p.m.7 views

CVE-2024-39727

creationtimestamp| type| source ---|---|--- 2024-12-25 14:02:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113713829447547010 2024-12-25 14:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le55iwa6yf2f 2024-12-25 16:00:47+00:00| seen|...

9.8CVSS5.7AI score0.0034EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/12/25 1:59 p.m.10 views

CVE-2024-39727 IBM Engineering Lifecycle Optimization - Engineering Insights tabnabbing

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser...

6.1CVSS6.4AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2024/12/25 1:59 p.m.78 views

CVE-2024-39727

CVE-2024-39727 affects IBM Engineering Lifecycle Optimization components. The IBM bulletin describes that IBM Engineering Insights 7.0.2 and 7.0.3 use a web link with untrusted references to an external site, enabling a remote attacker to expose sensitive information or perform unauthorized actio...

9.8CVSS6.1AI score0.0034EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/25 1:59 p.m.34 views

CVE-2024-39727 IBM Engineering Lifecycle Optimization - Engineering Insights tabnabbing

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser...

6.1CVSS0.0034EPSS
Exploits0References1
Rows per page
Query Builder