Ibm · Ibm Jazz Foundation · CVE-2021-39059
**Name of the Vulnerable Software and Affected Versions**
IBM Jazz Foundation versions 6.0.6 through 7.0.2
**Description**
The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
**Recommendations**
For versions 6.0.6 through 7.0.2, consider disabling JavaScript execution in the Web UI as a temporary workaround until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation.