Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Jazz Reporting Service
Total 50 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-4047 1 Ibm 1 Jazz Reporting Service 2022-12-09 4.0 MEDIUM 4.3 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.
CVE-2019-4494 1 Ibm 1 Jazz Reporting Service 2022-12-07 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164115.
CVE-2019-4497 1 Ibm 1 Jazz Reporting Service 2022-12-07 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164118.
CVE-2019-4495 1 Ibm 1 Jazz Reporting Service 2022-12-07 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164116.
CVE-2021-20535 1 Ibm 1 Jazz Reporting Service 2021-05-20 5.5 MEDIUM 5.4 MEDIUM
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198834.
CVE-2020-4933 3 Ibm, Linux, Microsoft 3 Jazz Reporting Service, Linux Kernel, Windows 2021-02-22 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191751.
CVE-2020-4718 1 Ibm 1 Jazz Reporting Service 2020-11-29 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187731.
CVE-2020-4541 1 Ibm 1 Jazz Reporting Service 2020-08-10 4.3 MEDIUM 6.1 MEDIUM
IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039.
CVE-2020-4539 1 Ibm 1 Jazz Reporting Service 2020-08-10 4.3 MEDIUM 6.1 MEDIUM
IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2020-4533 1 Ibm 1 Jazz Reporting Service 2020-08-10 4.3 MEDIUM 6.1 MEDIUM
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182717.
CVE-2020-4419 1 Ibm 1 Jazz Reporting Service 2020-05-29 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071.
CVE-2019-4651 1 Ibm 1 Jazz Reporting Service 2020-01-14 7.5 HIGH 9.8 CRITICAL
IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 170962.
CVE-2018-2004 1 Ibm 1 Jazz Reporting Service 2019-10-09 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155006.
CVE-2018-1918 1 Ibm 1 Jazz Reporting Service 2019-10-09 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152785.
CVE-2018-1639 1 Ibm 1 Jazz Reporting Service 2019-10-09 4.0 MEDIUM 6.5 MEDIUM
The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579.
CVE-2017-1370 1 Ibm 1 Jazz Reporting Service 2019-10-02 4.0 MEDIUM 4.9 MEDIUM
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863.
CVE-2019-4184 1 Ibm 1 Jazz Reporting Service 2019-05-31 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158974.
CVE-2018-1363 1 Ibm 1 Jazz Reporting Service 2018-05-25 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137448.
CVE-2017-1750 1 Ibm 1 Jazz Reporting Service 2018-05-25 3.5 LOW 5.4 MEDIUM
IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135523.
CVE-2017-1340 1 Ibm 1 Jazz Reporting Service 2017-11-18 4.0 MEDIUM 5.0 MEDIUM
IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455.