Vulnerabilities > IBM > Jazz Reporting Service > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2021-20535 | Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). | 5.5 |
| 2020-08-10 | CVE-2020-4541 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service 7.0/7.0.1 IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. | 4.3 |
| 2020-08-10 | CVE-2020-4539 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. | 4.3 |
| 2020-08-10 | CVE-2020-4533 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0 IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. | 4.3 |
| 2019-10-01 | CVE-2019-4497 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-4495 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-01 | CVE-2019-4494 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-04-29 | CVE-2019-4047 | Improper Privilege Management vulnerability in IBM Jazz Reporting Service 6.0.6 IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. | 4.3 |
| 2018-11-16 | CVE-2018-1639 | Information Exposure vulnerability in IBM Jazz Reporting Service The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. | 4.0 |
| 2017-11-01 | CVE-2017-1340 | Information Exposure vulnerability in IBM Jazz Reporting Service 6.0.4 IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. | 4.0 |