cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-25052,https://securityvulnerability.io/vulnerability/CVE-2024-25052,IBM Jazz Reporting Service Stores User Credentials in Plain Clear Text,IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. IBM X-Force ID:  283363.,IBM,Jazz Reporting Service,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T13:45:31.989Z,0
CVE-2021-20535,https://securityvulnerability.io/vulnerability/CVE-2021-20535,,"IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 198834.",IBM,Jazz Reporting Service,6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-05-13T16:15:00.000Z,0
CVE-2020-4933,https://securityvulnerability.io/vulnerability/CVE-2020-4933,,"IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191751.",IBM,Jazz Reporting Service,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2021-02-18T15:15:00.000Z,0
CVE-2020-4718,https://securityvulnerability.io/vulnerability/CVE-2020-4718,,"IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187731.",IBM,Jazz Reporting Service,6.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-11-19T16:15:00.000Z,0
CVE-2020-4541,https://securityvulnerability.io/vulnerability/CVE-2020-4541,,IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039.,IBM,Jazz Reporting Service,6.1,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2020-08-10T13:15:00.000Z,0
CVE-2020-4533,https://securityvulnerability.io/vulnerability/CVE-2020-4533,,"IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182717.",IBM,Jazz Reporting Service,6.1,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2020-08-10T13:15:00.000Z,0
CVE-2020-4539,https://securityvulnerability.io/vulnerability/CVE-2020-4539,,"IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",IBM,Jazz Reporting Service,6.1,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2020-08-10T13:15:00.000Z,0
CVE-2020-4419,https://securityvulnerability.io/vulnerability/CVE-2020-4419,,"IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071.",IBM,Jazz Reporting Service,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-05-28T15:15:00.000Z,0
CVE-2019-4651,https://securityvulnerability.io/vulnerability/CVE-2019-4651,,"IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 170962.",IBM,Jazz Reporting Service (jrs),5.4,MEDIUM,0.0011399999493733048,false,,false,false,false,,,false,false,,2020-01-09T17:15:00.000Z,0
CVE-2019-4494,https://securityvulnerability.io/vulnerability/CVE-2019-4494,,"IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164115.",IBM,Jazz Reporting Service,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2019-10-01T15:15:00.000Z,0
CVE-2019-4497,https://securityvulnerability.io/vulnerability/CVE-2019-4497,,"IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164118.",IBM,Jazz Reporting Service,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2019-10-01T15:15:00.000Z,0
CVE-2019-4495,https://securityvulnerability.io/vulnerability/CVE-2019-4495,,"IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 164116.",IBM,Jazz Reporting Service,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2019-10-01T15:15:00.000Z,0
CVE-2019-4184,https://securityvulnerability.io/vulnerability/CVE-2019-4184,,IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158974.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-05-29T15:29:00.000Z,0
CVE-2019-4047,https://securityvulnerability.io/vulnerability/CVE-2019-4047,,"IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243.",IBM,Jazz Reporting Service,4.3,MEDIUM,0.0010300000431016088,false,,false,false,false,,,false,false,,2019-04-29T17:29:00.000Z,0
CVE-2018-2004,https://securityvulnerability.io/vulnerability/CVE-2018-2004,,IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155006.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2019-04-23T00:00:00.000Z,0
CVE-2018-1918,https://securityvulnerability.io/vulnerability/CVE-2018-1918,,"IBM Jazz Reporting Service (JRS) 6.0.3, 6.0.4, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152785.",IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2019-01-08T16:29:00.000Z,0
CVE-2018-1639,https://securityvulnerability.io/vulnerability/CVE-2018-1639,,The Report Builder of Jazz Reporting Service 5.0 through 5.0.2 and 6.0 through 6.0.6 could allow an authenticated user to obtain sensitive information beyond its assigned privileges. IBM X-Force ID: 144579.,IBM,Jazz Reporting Service,4.3,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2018-11-16T15:29:00.000Z,0
CVE-2018-1363,https://securityvulnerability.io/vulnerability/CVE-2018-1363,,IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137448.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2018-04-25T13:29:00.000Z,0
CVE-2017-1750,https://securityvulnerability.io/vulnerability/CVE-2017-1750,,IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135523.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2018-04-25T13:29:00.000Z,0
CVE-2017-1340,https://securityvulnerability.io/vulnerability/CVE-2017-1340,,IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder interacts with. IBM X-Force ID: 126455.,IBM,Jazz Reporting Service,5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2017-11-01T21:29:00.000Z,0
CVE-2017-1490,https://securityvulnerability.io/vulnerability/CVE-2017-1490,,An unspecified vulnerability in the Lifecycle Query Engine of Jazz Reporting Service 6.0 through 6.0.4 could disclose highly sensitive information.,IBM,Jazz Reporting Service,5.3,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2017-09-14T14:29:00.000Z,0
CVE-2017-1370,https://securityvulnerability.io/vulnerability/CVE-2017-1370,,"IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could disclose sensitive information, including user credentials, through an error message from the Report Builder administrator configuration page. IBM X-Force ID: 126863.",IBM,Jazz Reporting Service,4.9,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2017-07-31T21:29:00.000Z,0
CVE-2017-1096,https://securityvulnerability.io/vulnerability/CVE-2017-1096,,IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2017-07-05T18:29:00.000Z,0
CVE-2016-9989,https://securityvulnerability.io/vulnerability/CVE-2016-9989,,IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120555.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2017-07-05T18:29:00.000Z,0
CVE-2016-9988,https://securityvulnerability.io/vulnerability/CVE-2016-9988,,IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120554.,IBM,Jazz Reporting Service,5.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2017-07-05T18:29:00.000Z,0