Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-38870: Security Bulletin: IBM Aspera on Cloud was vulnerable to a cross-site scripting vulnerability (CVE-2021-38870)

IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208343.

CVE

Related news

CVE-2021-29771: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2021-29771)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2021-29713: IBM X-Force Exchange

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2021-29713: IBM Jazz Team Server products cross-site scripting CVE-2021-29713 Vulnerability Report

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2021-29673: IBM X-Force Exchange

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482.

CVE-2021-29673: IBM Jazz Team Server cross-site scripting CVE-2021-29673 Vulnerability Report

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199482.

CVE-2021-29835: Security Bulletin: Cross-Site scripting vulnerability affect IBM Business Automation Workflow - CVE-2021-29835

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204833.

CVE-2021-29912: IBM X-Force Exchange

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828.

CVE-2021-29912: IBM Security Risk Manager on CP4S cross-site scripting CVE-2021-29912 Vulnerability Report

IBM Security Risk Manager on CP4S 1.7.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207828.

CVE-2021-29878: IBM Business Automation Workflow cross-site scripting CVE-2021-29878 Vulnerability Report

IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 206581.

CVE-2021-20571: IBM Sterling B2B Integrator cross-site scripting CVE-2021-20571 Vulnerability Report

IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199246.

CVE-2021-20481: Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling File Gateway (CVE-2021-20481)

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197503.

CVE-2021-20561: IBM Sterling File Gateway cross-site scripting CVE-2021-20561 Vulnerability Report

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199230.

CVE-2021-20571: IBM X-Force Exchange

IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199246.

CVE-2021-29836: Security Bulletin: Cross-Site Scripting Vulnerablity Affects the Dashboad UI of IBM Sterling B2B Integrator (CVE-2021-29836)

IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204912.

CVE-2021-29764: IBM Sterling B2B Integrator Standard Edition cross-site scripting CVE-2021-29764 Vulnerability Report

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 202268.

CVE-2021-29855: IBM Sterling B2B Integrator Standard Edition cross-site scripting CVE-2021-29855 Vulnerability Report

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205684.

CVE-2021-20554: IBM Sterling Order Management cross-site scripting CVE-2021-20554 Vulnerability Report

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179.

CVE-2021-20554: IBM X-Force Exchange

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179.

CVE-2021-29905: Security Bulletin: IBM Jazz for Service Management is vulnerable to cross-site scripting (CVE-2021-29905)

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207616.

CVE-2021-29815: Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29815)

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204340.

CVE-2021-29814: Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29814)

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204334.

CVE-2021-29812: IBM Jazz for Service Management cross-site scripting CVE-2021-29812 Vulnerability Report

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204330.

CVE-2021-29832: Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29832)

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204824.

CVE-2021-29813: IBM Jazz for Service Management cross-site scripting CVE-2021-29813 Vulnerability Report

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204331.

CVE-2021-29833: IBM Jazz for Service Management cross-site scripting CVE-2021-29833 Vulnerability Report

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204825.

CVE-2021-29810: Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29810)

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204279.

CVE-2021-38877: IBM Jazz for Service Management cross-site scripting CVE-2021-38877 Vulnerability Report

IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208405.

CVE-2021-20484: Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling File Gateway (CVE-2021-20484)

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197666.

CVE-2021-29800: Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-29800)

IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

CVE-2021-20484: Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Sterling File Gateway (CVE-2021-20484)

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197666.

CVE-2021-29821: Security Bulletin: Multiple vulnerabilities is affecting Tivoli Netcool/OMNIbus WebGUI

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204348.

CVE-2021-29819: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29819 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204346.

CVE-2021-29820: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29820 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204347.

CVE-2021-29806: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29806 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204264.

CVE-2021-29809: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29809 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204270.

CVE-2021-29817: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29817 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204343.

CVE-2021-29808: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29808 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204269.

CVE-2021-29807: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29807 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204265.

CVE-2021-29818: IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI cross-site scripting CVE-2021-29818 Vulnerability Report

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204345.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907