Vulnerabilities > IBM > Jazz FOR Service Management > 1.1.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-28 | CVE-2022-35722 | Cross-site Scripting vulnerability in IBM Jazz for Service Management IBM Jazz for Service Management is vulnerable to stored cross-site scripting. | 5.4 |
| 2020-03-23 | CVE-2019-4718 | Cross-site Scripting vulnerability in IBM Jazz for Service Management 1.1.3.0 IBM Jazz for Service Management 3.13 is vulnerable to cross-site scripting. | 5.4 |
| 2019-07-17 | CVE-2019-4194 | Unspecified vulnerability in IBM Jazz for Service Management 1.1.3.0/1.1.3.1/1.1.3.2 IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. | 4.3 |
| 2019-07-11 | CVE-2019-4193 | Information Exposure vulnerability in IBM Jazz for Service Management IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. | 7.5 |
| 2019-06-06 | CVE-2019-4201 | Open Redirect vulnerability in IBM Jazz for Service Management IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |