CVE-2019-4193

Name of the Vulnerable Software and Affected Versions IBM Jazz for Service Management versions 1.1.3 through 1.1.3.2

Description The issue allows sensitive information to be stored in URL parameters, potentially leading to information disclosure if unauthorized parties gain access to the URLs through server logs, referrer headers, or browser history.

Recommendations For versions 1.1.3 through 1.1.3.2, consider modifying the application to avoid storing sensitive information in URL parameters as a temporary workaround. Restrict access to server logs and ensure proper handling of referrer headers and browser history to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.