IBM Jazz Reporting Service 6.0.0

CPE Details

IBM Jazz Reporting Service 6.0.0
ibm
jazz_reporting_service
6.0.0
2019-05-29
17h07 +00:00
2019-05-29
17h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:jazz_reporting_service:6.0.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

jazz_reporting_service

Version

6.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-4184 2019-05-29 15h10 +00:00 IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158974.
5.4
Medium
CVE-2018-2004 2019-04-29 16h35 +00:00 IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155006.
5.4
Medium
CVE-2018-1639 2018-11-16 16h00 +00:00 The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579.
6.5
Medium