The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jazz_reporting_service | Ibm | 5.0 (including) | 5.0 (including) |
| Jazz_reporting_service | Ibm | 5.0.1 (including) | 5.0.1 (including) |
| Jazz_reporting_service | Ibm | 5.0.2 (including) | 5.0.2 (including) |
| Jazz_reporting_service | Ibm | 6.0 (including) | 6.0 (including) |
| Jazz_reporting_service | Ibm | 6.0.1 (including) | 6.0.1 (including) |