Ibm: >> Jazz For Service Management >> 1.1.3.20 Security Vulnerabilities
IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
6.1
EPSS Score
0.002
Published
2025-02-06
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-18
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-02-14