PT-2016-4158 · Ibm · Ibm Jazz Reporting Service
Published
2016-07-08
·
Updated
2016-07-08
·
CVE-2016-0350
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-2888 and CVE-2016-0313.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Jazz Reporting Service