CVE-2026-27614

Bugsink (self-hosted error tracking) is affected by a Stored XSS in versions before 2.0.13. The root cause is how Pygments fallback in stacktrace rendering handles line mismatches: _pygmentize_lines() returns raw lines when line counts differ, and then mark_safe() is applied unconditionally to th...

PT-2024-2161 · Ibm · Ibm Engineering Test Management

Name of the Vulnerable Software and Affected Versions: IBM Engineering Test Management versions 7.0.2 through 7.0.3 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a...

PT-2023-14378 · Ibm · Ibm Maximo Asset Management

Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management versions 7.6.1.2 through 7.6.1.3 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a...

IBM Maximo Asset Management 跨站脚本漏洞

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for...

PT-2023-14257 · Ibm · Ibm Sterling B2B Integrator Standard Edition

Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.0.3.7 IBM Sterling B2B Integrator Standard Edition versions 6.1.0.0 through 6.1.2.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI,...

CVE-2021-20352

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194710...

IBM Jazz Foundation 跨站脚本漏洞

IBM Jazz Foundation is a next-generation collaboration platform for software delivery technology from International Business Machines Corporation IBM. IBM Jazz Foundation suffers from a cross-site scripting vulnerability that allows a user to embed arbitrary JavaScript code in the Web UI, which c...

CVE-2018-1444

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139906...

PT-2018-5810 · Ibm · Ibm Doors Web Access

Name of the Vulnerable Software and Affected Versions: IBM Doors Web Access versions 9.5 through 9.6 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session...

CVE-2017-1120

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference : 2000152...