ibm jazz_foundation CVE Vulnerabilities (12)

CVEs: 12 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ibm jazz_foundation (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 112 of 12 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-15395 IBM Jazz Foundation 7.0.3 through 7.0.3 iFix019 and 7.1.0 through 7.1.0 iFix005 is vulnerable to access control violations that allows the users to view or access/perform actions beyond their expected capability. [email protected] 4.3 0.18% 2026-02-02 2026-06-17
CVE-2025-1826 IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundation 7.0.2 to 7.0.2 iFix034, 7.0.3 to 7.0.3 iFix016, and 7.1.0 to 7.1.0 iFix004) is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users on the host network to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [email protected] 5.4 0.16% 2025-10-07 2026-06-17
CVE-2025-25048 IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory. [email protected] 6.5 0.31% 2025-09-04 2026-06-17
CVE-2024-43184 IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [email protected] 6.1 0.20% 2025-09-04 2026-06-17
CVE-2025-36157 IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions. [email protected] 9.8 0.50% 2025-08-23 2026-06-17
CVE-2021-29669 IBM Jazz Foundation 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [email protected] 5.4 0.21% 2025-01-11 2026-06-16
CVE-2024-5591 IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. [email protected] 4.3 0.34% 2025-01-03 2026-06-17
CVE-2024-41780 IBM Jazz Foundation 7.0.2, 7.0.3, and 7.1.0 could could allow a physical user to obtain sensitive information due to not masking passwords during entry. [email protected] 4.2 0.18% 2025-01-03 2026-06-17
CVE-2023-45181 IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. [email protected] 6.1 0.28% 2024-11-25 2026-06-17
CVE-2023-26280 IBM Jazz Foundation 7.0.2 and 7.0.3 could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control. [email protected] 5.3 0.39% 2024-11-25 2026-06-17
CVE-2021-39059 IBM Jazz Foundation (IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214619. [email protected] 5.4 0.44% 2022-05-11 2026-06-17
CVE-2019-4457 IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and 6.0.6.1 could allow an authenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 163654. [email protected] 6.5 0.90% 2020-02-19 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence