Cross-site scripting (XSS) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x prior to 5.0.2 ifix016 and 6.x prior to 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-2888 and CVE-2016-0313.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm jazz reporting service 5.0 |
||
ibm jazz reporting service 6.0 |
||
ibm jazz reporting service 5.0.1 |
||
ibm jazz reporting service 6.0.1 |
||
ibm jazz reporting service 5.0.2 |