![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-34348 – IBM Partner Engagement Manager XML external Vulnerability
September 27, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – REvil Ransomware – Active IOCs
September 27, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-34348 – IBM Partner Engagement Manager XML external Vulnerability
September 27, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Alert – REvil Ransomware – Active IOCs
September 27, 2022Severity
Medium
Analysis Summary
CVE-2022-35721
IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Impact
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2022-34348
Affected Vendors
IBM
Affected Products
- IBM Jazz for Service Management 1.1.3
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.