Vulnerabilities > IBM > Jazz FOR Service Management > 1.1.2.1

DATE CVE VULNERABILITY TITLE RISK
2022-09-28 CVE-2022-35722 Cross-site Scripting vulnerability in IBM Jazz for Service Management
IBM Jazz for Service Management is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-02-24 CVE-2016-9975 Cross-Site Request Forgery (CSRF) vulnerability in IBM Dashboard Application Services HUB 3.1.2.1/3.1.3
IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8