Description
IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Remediation
References
Related Vulnerabilities
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1099)
EspoCRM Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2019-14351)
WordPress Plugin FancyBox for WordPress Cross-Site Scripting (3.0.2)
ATutor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11446)
WordPress Plugin Woocommerce Categories in gallery format Cross-Site Scripting (1.0.1)