Description

IBM Jazz Foundation is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120209.

Remediation

References

CVE-2016-9973

Related Vulnerabilities

LimeSurvey Improper Certificate Validation Vulnerability (CVE-2019-16179)

Django Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-0472)

PHP Cryptographic Issues Vulnerability (CVE-2010-1128)

WordPress Plugin Essential Blocks-Page Builder Gutenberg Blocks, Patterns & Templates Cross-Site Request Forgery (4.0.6)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-0701)

Severity

Medium

Classification

CVE-2016-9973 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities