Lucene search

K
IbmJazz Reporting Service

15 matches found

CVE
CVE
added 2017/02/01 8:59 p.m.44 views

CVE-2016-6054

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00227EPSS
CVE
CVE
added 2017/11/01 9:29 p.m.44 views

CVE-2017-1340

IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455.

5CVSS4.7AI score0.00212EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.42 views

CVE-2016-5897

IBM Jazz Reporting Service (JRS) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

5.4CVSS5.6AI score0.00154EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.42 views

CVE-2016-5899

IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00227EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.41 views

CVE-2016-5898

IBM Jazz Reporting Service (JRS) could allow a remote attacker to obtain sensitive information, caused by not restricting JSON serialization. By sending a direct request, an attacker could exploit this vulnerability to obtain sensitive information.

4.3CVSS4.7AI score0.00136EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.41 views

CVE-2017-1096

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 12065...

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/09/14 2:29 p.m.41 views

CVE-2017-1490

An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.

5.3CVSS5.2AI score0.00285EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.39 views

CVE-2016-6047

IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00227EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.38 views

CVE-2016-9988

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.37 views

CVE-2016-9986

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.36 views

CVE-2016-9987

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.36 views

CVE-2016-9989

IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

5.4CVSS5.2AI score0.00269EPSS
CVE
CVE
added 2017/07/05 6:29 p.m.35 views

CVE-2017-1157

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788.

4.3CVSS4.6AI score0.00212EPSS
CVE
CVE
added 2017/07/31 9:29 p.m.35 views

CVE-2017-1370

IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863.

4.9CVSS4.9AI score0.00258EPSS
CVE
CVE
added 2017/02/01 8:59 p.m.31 views

CVE-2016-6039

IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00227EPSS