Medium Severity

Security Bulletin: Security vulnerability affects the Report Builder that is shipped with Jazz Reporting Service (CVE-2020-4933)

Share this post:

There is a security vulnerability in the Report Builder shipped with Jazz Reporting Service.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Jazz Reporting Service 7.0.2
IBM Jazz Reporting Service 7.0.1
IBM Jazz Reporting Service 7.0
IBM Jazz Reporting Service

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin:

More stories

Security Bulletin: Multiple vulnerabilities in Apache HTTP Server affect IBM i

Sep 24, 2021 8:00 pm EDT | Medium Severity

Apache HTTP Server on IBM i is vulnerabile to the issues described in the vulnerability details section. IBM i has addressed the vulnerabilities in the Apache HTTP Server implementation as described in the remediation/fixes section. more

Security Bulletin: Rational Asset Analyzer is affected by a WebSphere Application Server vulnerability.

Sep 23, 2021 8:00 pm EDT | Medium Severity

WebSphere Application Server Liberty used by Rational Asset Analyzer is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed. more

Security Bulletin: IBM Jazz for Service Management is vulnerable to stored cross-site scripting (CVE-2021-38877)

Sep 22, 2021 8:04 pm EDT | Medium Severity

IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. more