IBM Security Bulletin: Jazz for Service Management (JazzSM) could allow a remote attacker to conduct phishing attacks, using an open redirect attack (CVE-2019-4201)

Jazz for Service Management (JazzSM) could allow a remote attacker to conduct phishing attacks, using an open redirect attack (CVE-2019-4201)

CVE(s): CVE-2019-4201

Affected product(s) and affected version(s):
Jazz for Service Management version 1.1.3 – 1.1.3.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885592
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/159122

The post IBM Security Bulletin: Jazz for Service Management (JazzSM) could allow a remote attacker to conduct phishing attacks, using an open redirect attack (CVE-2019-4201) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team https://ibm.co/2HSNZtf