Coldfish

**Name of the Vulnerable Software and Affected Versions** IBM Jazz Foundation versions 7.0.2 and below **Description** The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. This is due to a cross-site scripting vulnerability. **Recommendations** For IBM Jazz Foundation versions 7.0.2 and below, update to a version above 7.0.2 to resolve the issue. As a temporary workaround, consider restricting access to the Web UI to minimize the risk of exploitation.