6 matches found
Security Bulletin: IBM JRS (Jazz Reporting Service) uses a web link with untrusted references to an external site.
Summary IBM JRS Jazz Reporting Service uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims' web browser. The web application produces links to untrusted...
Security Bulletin: IBM Engineering Lifecycle Optimization - Engineering Publishing uses a web link with untrusted references to an external site.
Summary When an user clicks a link to an external site, and that link has the target="blank" attribute, then the new site will be opened into a new tab or window, but will share its process with the original tab or window. The window.opener object stores information from the original window, so i...
CVE-2024-39727
creationtimestamp| type| source ---|---|--- 2024-12-25 14:02:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113713829447547010 2024-12-25 14:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le55iwa6yf2f 2024-12-25 16:00:47+00:00| seen|...
CVE-2024-39727 IBM Engineering Lifecycle Optimization - Engineering Insights tabnabbing
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser...
CVE-2024-39727
CVE-2024-39727 affects IBM Engineering Lifecycle Optimization components. The IBM bulletin describes that IBM Engineering Insights 7.0.2 and 7.0.3 use a web link with untrusted references to an external site, enabling a remote attacker to expose sensitive information or perform unauthorized actio...
CVE-2024-39727 IBM Engineering Lifecycle Optimization - Engineering Insights tabnabbing
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser...