Описание
IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231380.
Ссылки
- VDB EntryVendor Advisory
- PatchVendor Advisory
- VDB EntryVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Одновременно
Одно из
EPSS
6.4 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231380.
Уязвимость веб-интерфейса платформы управления и автоматизации рабочих процессов IBM Jazz for Service Management, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS
6.4 Medium
CVSS3
5.4 Medium
CVSS3