CVE-2018-2004 is a vulnerability in IBM Jazz Reporting Service
Published on April 29, 2019

IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155006.

NVD

Products Associated with CVE-2018-2004

Want to know whenever a new CVE is published for IBM Jazz Reporting Service? stack.watch will email you.

IBM Jazz Reporting Service

Affected Versions

IBM Jazz Reporting Service:

Version 6.0 is affected.
Version 6.0.1 is affected.
Version 6.0.2 is affected.
Version 6.0.3 is affected.
Version 6.0.4 is affected.
Version 6.0.5 is affected.
Version 6.0.6 is affected.

Exploit Probability

EPSS

0.22%

Percentile

44.83%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-2004 is a vulnerability in IBM Jazz Reporting ServicePublished on April 29, 2019

Products Associated with CVE-2018-2004

Affected Versions

Exploit Probability

CVE-2018-2004 is a vulnerability in IBM Jazz Reporting Service
Published on April 29, 2019