Vulnerabilities > IBM > Jazz FOR Service Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-11 | CVE-2019-4193 | Information Exposure vulnerability in IBM Jazz for Service Management IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. | 7.5 |
| 2019-06-06 | CVE-2019-4201 | Open Redirect vulnerability in IBM Jazz for Service Management IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2017-12-20 | CVE-2017-1746 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Jazz for Service Management 1.1.3 IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-12-20 | CVE-2017-1631 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Jazz for Service Management 1.1.3 IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |