Vulnerabilities > IBM > Jazz Reporting Service > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-01 | CVE-2019-4494 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
2019-05-29 | CVE-2019-4184 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. | 5.4 |
2019-04-29 | CVE-2019-4047 | Improper Privilege Management vulnerability in IBM Jazz Reporting Service 6.0.6 IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. | 4.3 |
2019-04-29 | CVE-2018-2004 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
2019-01-08 | CVE-2018-1918 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
2018-11-16 | CVE-2018-1639 | Information Exposure vulnerability in IBM Jazz Reporting Service The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. | 6.5 |
2018-04-25 | CVE-2018-1363 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. | 5.4 |
2018-04-25 | CVE-2017-1750 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. | 5.4 |
2017-11-01 | CVE-2017-1340 | Information Exposure vulnerability in IBM Jazz Reporting Service 6.0.4 IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. | 5.0 |
2017-09-14 | CVE-2017-1490 | Information Exposure vulnerability in IBM Jazz Reporting Service An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information. | 5.3 |