Vulnerabilities > IBM > Jazz FOR Service Management

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2023-46186 Forced Browsing vulnerability in IBM Jazz for Service Management 1.1.3.20
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls.
network
low complexity
ibm CWE-425
7.5
7.5
2022-09-28 CVE-2022-35722 Cross-site Scripting vulnerability in IBM Jazz for Service Management
IBM Jazz for Service Management is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-09-23 CVE-2022-35721 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3
IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-09-23 CVE-2021-29810 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-09-23 CVE-2021-29812 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-09-23 CVE-2021-29813 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-09-23 CVE-2021-29814 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-09-23 CVE-2021-29815 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-09-23 CVE-2021-29816 Cross-Site Request Forgery (CSRF) vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5
6.5
2021-09-23 CVE-2021-29832 Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.10
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4