Vulnerabilities > IBM > Jazz Reporting Service > 6.0

DATE CVE VULNERABILITY TITLE RISK
2019-10-01 CVE-2019-4497 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-10-01 CVE-2019-4495 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-10-01 CVE-2019-4494 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-05-29 CVE-2019-4184 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-04-29 CVE-2018-2004 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-11-16 CVE-2018-1639 Information Exposure vulnerability in IBM Jazz Reporting Service
The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges.
network
low complexity
ibm CWE-200
6.5
6.5
2018-04-25 CVE-2018-1363 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-04-25 CVE-2017-1750 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-09-14 CVE-2017-1490 Information Exposure vulnerability in IBM Jazz Reporting Service
An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.
network
high complexity
ibm CWE-200
5.3
5.3
2017-07-31 CVE-2017-1370 Information Exposure Through an Error Message vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page.
network
low complexity
ibm CWE-209
4.9
4.9