Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-26 | CVE-2020-27509 | Cross-site Scripting vulnerability in Galaxkey Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. | 3.5 |
| 2022-06-24 | CVE-2022-33121 | Cross-Site Request Forgery (CSRF) vulnerability in 1234N Minicms 1.11 A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows attackers to arbitrarily delete local .dat files via clicking on a malicious link. | 5.8 |
| 2022-06-24 | CVE-2022-33122 | Cross-site Scripting vulnerability in Eyoucms 1.5.6 A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL field under the login page. | 3.5 |
| 2022-06-24 | CVE-2021-20355 | Exposure of Resource to Wrong Sphere vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. | 5.0 |
| 2022-06-24 | CVE-2021-20421 | Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). | 4.0 |
| 2022-06-24 | CVE-2021-20543 | Injection vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTML injection. | 3.5 |
| 2022-06-24 | CVE-2021-20544 | Server-Side Request Forgery (SSRF) vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request forgery (SSRF). | 4.0 |
| 2022-06-24 | CVE-2021-20551 | Exposure of Resource to Wrong Sphere vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system. | 2.1 |
| 2022-06-24 | CVE-2021-29865 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to hijack the clicking action of the victim. | 4.9 |
| 2022-06-24 | CVE-2021-38871 | Cross-site Scripting vulnerability in IBM Jazz Team Server IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. | 3.5 |