Question & Answer
Question
There is a security vulnerability found in the JazzSM version 1.1.2.1,1.1.3.0, 1.1.3.1-1.1.3.4 were if the X-Requested-With: XMLHttpRequest Header Invalidation header is removed from the Burp security testing software.It is still processing the change password module page.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEKCU","label":"Jazz for Service Management"},"Component":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"1.1.2.1,1.1.3","Edition":"FP1, FP2, FP3, FP4","Line of Business":{"code":"LOB45","label":"Automation"}}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Product Synonym
Jazzsm
Security
X-Requested-With:XMLHttpRequest
Was this topic helpful?
Document Information
More support for:
Jazz for Service Management
Software version:
1.1.2.1,1.1.3
Operating system(s):
AIX, Linux, Windows
Document number:
964562
Modified date:
23 March 2020
UID
ibm10964562
Manage My Notification Subscriptions