Vulnerabilities > IBM > Jazz Reporting Service

DATE CVE VULNERABILITY TITLE RISK
2024-06-13 CVE-2024-25052 Insufficiently Protected Credentials vulnerability in IBM Jazz Reporting Service 7.0.3
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user.
local
low complexity
ibm CWE-522
4.4
4.4
2021-05-13 CVE-2021-20535 Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
5.4
2021-02-18 CVE-2020-4933 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-11-19 CVE-2020-4718 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-08-10 CVE-2020-4541 Cross-site Scripting vulnerability in IBM Jazz Reporting Service 7.0/7.0.1
IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2020-08-10 CVE-2020-4539 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2020-08-10 CVE-2020-4533 Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1
2020-05-28 CVE-2020-4419 Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-01-09 CVE-2019-4651 SQL Injection vulnerability in IBM Jazz Reporting Service 6.0.6.1
IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
critical
 9.8
9.8
2019-10-01 CVE-2019-4497 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4