5 matches found
Security Bulletin: The IBM® Engineering Lifecycle Optimization - Publishing is vulnerable to CVE-2023-45188
Summary IBM® Engineering Lifecycle Optimization - Publishing is vulnerable to CVE-2023-45188Malicious File Upload. Remediations/Fixes section of this bulletin provide instructions on how to address this vulnerability. Vulnerability Details CVEID:CVE-2023-45188 DESCRIPTION: IBM Engineering Lifecyc...
Security Bulletin: Multiple vulnerabilities affects IBM Jazz Foundation and IBM Engineering products.
Summary There are multiple vulnerabilities that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS Next, IBM Engineering Lifecycle Optimization - Engineeri...
Security Bulletin: Session cookie is missing secure attribute and affects IBM Publishing Engine
Summary There is a vulnerability in the session cookie which misses a secure attribute and affects IBM Publishing Engine Vulnerability Details CVEID: CVE-2020-4316 DESCRIPTION: IBM Publishing Engine does not set the secure attribute on authorization tokens or session cookies. Attackers may be abl...
Security Bulletin: Multiple Vulnerabilities in Oracle Outside In Technology affects IBM Rational DOORS Next Generation
Summary IBM Rational DOORS Next Generation® is affected by a vulnerability in the Oracle Outside In Technology® that is used as a component. Vulnerability Details CVE-ID: CVE-2015-4808 Description: An unspecified vulnerability in the Oracle Outside In Technology Outside In Filters component could...
CVE-2016-0316
IBM Jazz Reporting Service’s Lifecycle Query Engine (LQE) is affected by CVE-2016-0316 (XSS). Affected products: Jazz Reporting Service 6.0 and 6.0.1; 6.0.1 is vulnerable to all listed issues, while 6.0.2 is affected by CVE-2016-0316. The vulnerability arises from improper validation of user-supp...